Friday, September 14, 2012

Sophos Mac Antivirus Home Edition

Did you know that while Sophos doesn't have a home edition of their PC antivirus they do have a FREE home edition for Mac?

It supports OSX 10.4 (both Intel and PPC) all the way up to 10.8 Mountain Lion.

What's that you say? Macs don't need Antivirus? are we still arguing that old point? Well then, yes they do!

At the SecTor security conference at the beginning of October, Seth Hardy will be talking about a new development in Mac malware attacks. Targeted attacks:
APT ALL THE THINGS: are Mac users no longer safe? - Seth Hardy

A new development of 2012, targeted attacks (APTs) against human rights now often include malware specifically designed to compromise Macs. Mac users have long thought they're safe, for a variety of reasons including: "nobody ever targets us" (not anymore!), "Macs are based on Unix so have additional security" (not if new vulnerabilities are found, or you choose to run the program), and "we're not using Internet Explorer or Outlook so most threats don't work" (other software can be just as buggy).

One region in particular has started using malware "bundles" that detect the target's operating system and serve up the appropriate program to compromise computers within NGOs and other human rights organizations. This is a relatively new development, with names starting to become more familiar: e.g. SabPab (related to the known LuckyCat campaign), Lamadai, and MacControl. This also coincided with the rise of the Flashback botnet - a Mac-specific botnet believed to at one point be over 600,000 strong. In this talk we'll look at targeted Mac malware, observe similarities and differences to "conventional" targeted attacks, and go over some end-of-year thoughts as to where Mac malware may be going next.


For home users on PC, you can get Sophos' virus removal tool  for free, but if you want the real deal, you have to buy at least 6 licenses of the coprorate product.  While it is good, I'd recommend most home users on PC look at another product.

No comments: