New “Flood_Router26” IPv6 attack takes down Mac OS X and Server 2012

Sam Bowne, Ethical Hacking instructor at City College San Francisco has released a crazy video showing two of the latest IPv6 Router Advertisement attacks from the THC-IPv6 attack toolkit. And from what it looks like, these attacks work against both Mac and Microsoft systems.

In the second part of the video, the “Flood_Router26” RA attack first takes down a Mac OS X’s network interface and then throws the Mac into a spinning “Circle of Death”. A Windows XP system hooked to the network went to 100% resource usage and when the 2012 Server is checked, it actually rebooted!

More information about this attack, screenshots, packet captures and instructions can be found here.

WARNING! Do not attempt this on a live network!

Crazy! Hopefully Apple and Microsoft addresses this issue quick!

2,000 Employees Riot at Apple’s iPhone 5 Factory

(Reuters / Stringer Photo)

All right all you iPhone junkies, I hope you are happy. Your lust for new tech has caused some major problems for the Foxconn plant in China that makes the new iPhone 5. According to Foxnews 2,000(!!) employees apparently fed up with working conditions were involved in a large scale brawl:

“Foxconn Technology Group and police said the cause of the unrest Sunday night was under investigation, but it comes amid a series of violent protests by workers in areas throughout China over grievances about pay and working conditions. Foxconn and police said as many as 2,000 employees were involved and 40 people were reported injured.”

I have seen several reports about harsh working conditions, and bad treatment of workers, especially at this plant. And it looks like things broiled over when a confrontation between a worker and guard became violent.

“Foxconn, some supervisors, and security guards never respect us,” said the employee, who asked not to be identified by name. “We all have this anger toward them and they (the workers) wanted to destroy things to release this anger.”

Apple systems used to be made in the good ‘ol USA, but as the demand for product increased, and as the lust for higher profits kicked in, manufacturing was moved from US plants to China. Where it appears laborer rights are not quite the same as they are here with reports of forced overtime, wage issues and ill treatment of workers.

According to the article workers were being forced to work more than 60 hours per week at one point in what some called a militaristic atmosphere:

“Workers are expected to obey their manager at all times, not to question but simply to what they are told,” Crothall said. “That atmosphere is not conducive to a happy or contented workforce. It’s a very dehumanizing way of treating workers.”

According to a PCWorld article, workers were forced to work up to 80 hours per week leading up to the release of the iPad 3.

Maybe when Chinese workers demand equal pay and rights, American businessmen will return the work to American shores where it is desperately needed. And where workers are treated a lot more humane.

TrendMicro “Mythbusting Mac Security” Video

Great video by TrendMicro. A lot of users think because they have a Mac or Linux system that they are impervious to viruses. Macs and Linux machines are now as targeted as Windows based machines because of their increase in popularity. Security testing platforms like Backtrack include Linux and Mac shells that work just as well as their Windows counterparts.

And though the video mentions that only a small fraction of Mac users have a security program, I have where Linux based AV protection was actually WORSE than it’s Windows counterpart. When testing one of the Linux AV’s I was able to bypass it and gain a remote shell where the Windows version of the same AV actually caught the malware and stopped it.

Smart surfing, script blocking and e-mail safety goes a long way in protecting your system. Even if it is a Mac!  🙂

Mac Virus “Backdoor.Flashback” Patch and Removal

Last week, Russian Anti-Virus company Doctor Web, found that the Flashback Mac Trojan has infected almost 600,000 systems. With many of those infected located in the US (see above chart from Dr. Web). The large infection rate has raised some eyebrows, especially since many believe that Macs can not get viruses.

The trojan uses a Java exploit to gain remote access, and possible keylogging capabilities. The malware programmers are targeting three seperate Java vulnerabilities in the attack.

Apple has since patched the vulnerability and according to an Apple security bulletin, the OS X Lion 2012-002 and Java for Mac OS X 10.6 Update 7 can be downloaded and installed via Software Update preferences, or from Apple Downloads.

Doctor Web has created an online tool to check to see if your machine is infected, and security software company F-Secure has released instructions on how to remove the virus if you are indeed infected.