Apple readies fix for Thunderstrike bootkit exploit in next OS X release

A fix for the Thunderstrike proof-of-concept bootkit attack has made its way into a beta version of Apple's OS X, according to a just-published report. The new fix may indicate that a patch isn't far from general release.

The exploit was dubbed Thunderstrike because it spreads through maliciously modified peripheral devices connected to a Mac's Thunderbolt interface. When plugged into a Mac that's booting up, the device injects what's known as an option ROM into the extensible firmware interface (EFI), the firmware responsible for starting a Mac's system management mode and enabling other low-level functions. Once a Mac is infected, the malicious firmware can survive hard drive reformats and OS reinstallations. And since Thunderstrike replaces the digital signature Apple uses to ensure only authorized firmware runs on Macs, there are few viable ways to disinfect infected systems.

Earlier this month, Thunderstrike creator Trammell Hudson said that only the latest versions of Mac Mini's and iMac Retina 5ks were largely immune to the exploit but that Apple engineers were in the process of developing a fix for the rest of the Mac product line. According to a report published Friday by iMore, the patch has been spotted in the latest beta of OS X 10.10.2, the next version of Yosemite.

Read 6 remaining paragraphs | Comments

IC3 Releases Alert for a Scam Targeting Businesses

Original release date: January 24, 2015

The Internet Crime Complaint Center (IC3) has released an alert warning companies of a sophisticated wire payment scam dubbed the Business E-mail Compromise. Scammers use fraudulent information to trick companies into directing financial transactions into accounts they control.

Users are encouraged to review the IC3 Scam Alert for details and refer to the US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

This product is provided subject to this Notification and this Privacy & Use policy.