Published:
September 22 2009, 10:01 AM
by
Methusela Cebrian Ferrer
The 2009 Virus Bulletin Conference will be held at Geneva, Switzerland from the 23rd to the 25th of September. CA is a platinum sponsor of this year’s event.
This conference has been always an exciting event for the anti-malware industry to discuss research findings, expertise, best-practices and challenges, specifically the ever-changing threat landscape.
One of the “hot” topics this year is Mac OS X threats, as we’ve seen research findings from Blackhat, as well as proof-of-concept examples, exploit codes and malware.
However, what’s more notable about Mac security this year is that Apple very publicly changed its tune with regard to system security and even more surprisingly, has introduced malware protection into the recent OS X version, Snow Leopard.
Now the big question is why? I am very pleased to present my research findings to this year’s Virus Bulletin conference.
When I proposed the abstract in February, I emphasized the proposition that “Mac is Secure”. [Abstract reference here] Indeed, it is a debatable statement that usually (in the past) provided more reasonable advantages to its supporters.
“The skeptics' relentless campaign that Mac threats are a myth is perhaps due to isolated incident of real attack.”
In the whitepaper, I outlined and described the changing OS X threat landscape, including analysis of past to present threats.
However, in the presentation, I’ll first focus on specific threat families and discuss a detailed analysis of them and then will broaden the perspective and discuss how the attacks have reached a new level. I’ll discuss the strategies that have been deployed, and the level of sophistication employed by the malware authors that has lead Mac users to fall victim to the attacker’s manipulation, which has subsequently resulted in Apple stepping in and introducing malware protection feature in the latest OS X version.
At the end of the presentation the audience will have a deeper understanding of what went wrong and how Mac’s well-intentioned security campaign turned into an opportunity for exploitation by attackers.
I’ll also discuss the economic model of Internet threats we’re dealing with today and how this affects the Mac platform.
See you guys in the conference!
PS: Here are the topics and schedules of other CA ISBU researchers that will be presenting as well. Please refer the program for details.
Wednesday 23rd September 14:40 - 15:20 "Malware on a mission" by Amir Fouda
Thursday 24th September 12:00 - 12: 40 "Win32/Sality network activity" by Arkady Kovtun