I am refering to the recently wide-spread “Flashback Trojan” that has infected an estimated 600,000 Apple brand PC’s and laptops in recent weeks.  Yes, Apple has been forthcoming in its information releases and has issued 3 Java updates in the past 9 days in order to combat and remove this threat.  Flashback as of today has been reduced to an estimated 140,000 active infections through these measures, but some variants of the Trojan are not so easily removed.

Flashback works through Java scripting; some variants have the ability to create a counterfeit signed Apple certificate, prompting the user to install it.  But once installed, Flashback works to capture personal data including passwords to banking and e-commerce sites, and transmit its findings to the cloud.

Like most security issues, the most basic flaw is a false sense of security.

Bad things, man.

Apple has released several fixes to help users remove and block Flashback.  Some include Java Plugin updates that turn off Java as a Plugin in the Apple browser Safari, restricting the ability to run any Java scripts automatically.  A setting that can be manually changed by the user later.  Other Java patches are designed to identify and remove the malicious code Flashback is created by, and close the security holes that allow the code to be executed.

But if there is one thing we have learned from the Microsoft experience with viruses it is, those that write the malicious code are a persistent bunch.  Why?  Because writing a small amount of code is not too time consuming and if it gets them the right information, it can be incredibly, although very illegally, profitable.  The bad-guys are also usually a few steps ahead of the good-guys as well.  As Apple releases these fixes, you can bet new malicious code is being created and tested to subvert these fixes and possibly even disable or modify them.  So is this the end of the road for Flashback and other Mac designated viruses?  Personally I believe it is only the beginning.

What made Flashback a quick success?  One contributing factor is undoubtedly so much of the Apple user population maintaining a, “It can’t happen to me,” attitude about viruses and security.  After all, we’ve been hearing it for years: viruses are a Microsoft thing, and Macs CAN’T get viruses.  Not that there just aren’t viruses written for Macs.  Those that stand far to the Apple side of the Mac vs. PC debate have literally been lulled into the misconception that Mac O/S has some magical, you can’t execute malicious code on me, properties that no other software designers have found the fairy dust to.

Now we see just what a falacy that is, and I’m sure 600,000 Apple users can relate their frustrations.

As I pointed out before in my article (link)about virus proliferation through out the technology community almost a year ago, a lot of the lack of viruses in the Apple side of the community is just a numbers game.  But now as those numbers are increasing toward more and more home and business users using Apple products for business utilities beyond video and graphics, there will no doubt be an increasing interest by would-be cyber criminals to target unsuspecting and unprepared Mac users.  It is estimated that in the United States as of 2011, Apple now owns approximately 11% of the desktop and laptop market-share, and globally they have eclipsed 5% world wide for the first time.  But that still means that almost 95% of the world runs Windows as their primary desktop platform.

Are the cyber theives going to go after 5% or 95%?  You know the answer.  But as that Apple number grows it will become more and more attractive of a target, even being the minority.  Especially considering most Apple users will still operate under the false assumption that they don’t need real security as long as they’re sitting behind the glowing white logo on the lid.

A better policy would be to be proactive, install a reliable security software on your Apple Mac device and make sure your own network is secured from external attacks.  Be prepared before the bad-guys get one step ahead of the Apple developers again.

I can assure you, they will.

Fool Me Once… is a post from: @ Blog

Apple products have long touted that they are more secure. Times are changing...

It this report from thenexweb.com (link), the explore some of the recent security threats to Mac users, Safari users (the default web browser on Apple Mac O/S), what users should be aware of and how to remove the latest threat.

As in Windows platforms, many of these malware infections have the primary purpose of scaring users into handing over credit card information as well as tricking them in to potentially exposing other personal information.

We feel it is necessary to once again remind all users that if an application you don’t recognize shows up on your computer, take action immediately. Do not ever enter credit card information into an application or website unless you have initiated the transaction with a trusted vendor online.

This is only the beginning for Mac users. The long held belief is that Apple products are safer, more secure and don’t get viruses. However, a lot of that is due in part to their past lack of market saturation. Apple has started to cut into Microsoft’s heavy penetration into the desktop O/S market, and with that as their popularity in this market segment increases so will the number of threats specifically targeting Apple’s products.

Mac Users, Beware. is a post from: @ Blog

1. Uninstall unnecessary browser tool bars. Having one search engine tool bar on your browser is convenient. Your security software may install another that you will find useful. However, having multiple search engine tool bars and other tool bars is not only redundant but will slow down your browser.

Many applications will insist on installing a tool bar when you install the application. There is usually an option to not install the tool bar, but often the wording of the installer is tricky – pay attention to all install options when installing new software, especially anything downloaded online.

Most tool bars can be uninstalled through the add/remove programs utility in the control panel after the fact or have their own uninstall utility in their program folder.

2. Clear your temporary internet file cache. Frequently we get calls from customers experiencing sudden and unexplained browser issues. Your browser saves temporary files – graphics, HTML code, forms, etc. – from the sites you visit so the next time you load that site, it can call upon those temporary, locally saved files to speed up the page loading time. Unfortunately if this cache is not purged, the file directories become cumbersome for the browser and the browser will start to malfunction. Clearing the cache is as easy as a couple mouse clicks and the controls for this are usually found in the browser’s options menu.

3. The more data you have on your hard drive, the slower it will perform. Keep frequent backups of your data and consider storing infrequently used files (such as family photos) on other media, such as flash drives, secure-digital cards or USB hard drives. Although none of these media alone is the ideal back-up solution for irreplaceable data – secure, remote backup solutions should be considered. But for the sake of keeping your PC running smoothly, less data means quicker read/write times on the hard drive, adequate virtual memory space and quicker disk cleanup and defrag utility run times.

4. Reduce the number of applications that launch on startup. Some programs will run an auto-updater service in the background that can be turned off. These applications will most likely go out to find updates once they are launched, but turning off features that run automatically every time you start the PC will improve boot times and reduce the system resources being used on a regular basis.

5. Registry optimization can help improve system performance in Windows operating systems – customers frequently ask us for our opinion on different optimization programs; most of these costing either an annual maintenance fee or one-time purchase fee. We have found good success with I/Obit Advanced SystemCare Free edition. Running this manually on a regular basis will help keep your registry and other system resources running well.

IOBit Advanced SystemCare

Advanced SystemCare does have a malware removal utility, which we have found to be adequate for removing cookies and not much else. Stick with a quality malware removal tool like Malware Bytes for any heavy duty malware clean-up.

As always, Aspire is here to help. Call us at 716-200-4479 or email service@aspiretechnet.com if you have questions.

Five tips for Windows Optimization is a post from: @ Blog