MAC OS X Security Tips!
((Note to F-Secure, please do not delete this guide. Thank you.))
This is a good guide on how to secure your MAC OS X!
Updated since Nov 2015! --------------------------------------------------------------------------
Removing Spyware on Smartphones!
To do a restore on your iPhone.
Go to this link.
Back up your iPhone method here... thru iCloud.
Reset Windows 8.1 Phone to Factory Reset
Reset Android Phones to Factory reset....
Reset Blackberry Phones to Factory reset
Reset Nokia Symbian 3 to factory reset
Check daily for Apple Security Updates!
Mac malware issues:-
Remove Adware for Mac.
About Filevault 2!
Create Mac OS X recovery 8 or 16 GB USB Stick!
Apple support page here:-
Methods to fsck-fy on Mac OS X via safe mode.
Disk Utility Repair.
How to detect and remove Genieo for Mac
Don’t Jailbreak Your iPhone if You Want to Stop Government Spyware
Posted on August 13th, 2014 by Graham Cluley
Normally, you can’t run whatever software you like on your iPhone.
As a corporation, Apple has something of a “controlling personality” and has locked down your iPhone and iPad to prevent you from making a wide number of changes or tweaks.
The most obvious limitation is that on a regular iPhone you can only install programs approved by Apple, and distributed via Apple’s App Store – unlike, say, the situation on your Windows PC or Apple Mac computer.
On a jailbroken iPhone, however, you can shop for apps anywhere on the net, not just the official App Store.
So, should you jailbreak your iPhone? Well, from the security point of view, I’d recommend that if you’re thinking of jailbreaking you should proceed with caution, as two recent news stories demonstrate:
Firstly, surveillance companies love jailbroken iPhones.
Last week, news emerged that a company called Gamma International, which develops commercial network intrusion malware for the purposes of surveillance and sells it to governments around the world, had been hacked.
Gamma International has something of a notorious reputation over concerns that its software may have ended up in the hands of oppressive regimes, and that the company had no qualms about disguising its FinFisher spyware as bogus versions of the Firefox web browser.
According to Gamma International sales documents leaked by the hackers, FinFisher (also known as FinSpy) has no difficulties running on Androids and Blackberrys, but if it is up against a regular, non-jailbroken iPhone – it’s powerless.
Jailbreak required for iOS devices
iOS: Untethered jailbreak required
So, if a government agent wants to listen in to the Skype calls you make, or track your location, or read files and steal phone numbers from your iPhone, they’ll have their fingers crossed that you have jailbroken it – otherwise they’re going to have to find a different way of spying on you and your activity than using FinFisher.
FinFisher requires jailbroken iPhones
The reason is that jailbreaking rips out much of the security that Apple built into iOS in the first place, to protect users from nastiness and misbehaving apps. Whereas with other popular smartphone operating systems, FinFisher can be installed and activated relatively easily – it’s a lot harder with the iPhone.
Secondly, Chinese malware gangs make money out of jailbroken iPhones.
This week brings another warning for those considering jailbreaking their iDevices.
As Virus Bulletin reports, security researcher Axelle Apvrille has uncovered that some 75,000 jailbroken iPhones have been infected by malware known as iOS/AdThief.
The malicious code, written by a Chinese hacker calling themselves Rover12421, hijacks revenue from 15 different adkits, meaning that cash ends up in the pockets of criminals rather than the makers of the ad-funded apps themselves.
AdThief on iOS
“With 75,000 infected devices, iOS/AdThief is not extremely prevalent,” wrote Apvrille. “However, there are an estimated 22 million hijacked ads, so the malware has probably had a fair amount of impact and generated significant revenue for the owner(s).”
Apvrille is right not to send owners of jailbroken iPhones running to the hills in panic. The threat should be put in proportion. Although there are clearly more risks associated with having a jailbroken iPhone compared to an un-meddled iDevice, there is still remarkably little malware written for the iOS operating system – particularly when compared to the huge problem that exists on Android.
Should you jailbreak your iPhone?
Personally, I think the typical smartphone user is safer with an iPhone than an Android, but an iPhone that isn’t jailbroken is safest of all from the malware point of view.
Yes, you might be able to do some cool things which Apple doesn’t want you to do with a jailbroken iPhone – but is it really worth the risk?
Graham Cluley Graham Cluley
About Graham Cluley
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats. Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security. Follow him on Twitter at @gcluley. View all posts by Graham Cluley →
This entry was posted in Security & Privacy and tagged FinFisher, FinSpy, Gamma International, government, government surveillance, iOS, iPhone, jailbreak, malware, spyware. Bookmark the permalink.1 1Like
Hacker Claims to Have Discovered Undocumented iOS “Backdoor”; Apple Denies NSA
Collusion Posted on July 23rd, 2014 by Graham Cluley
Hacker claims to have found an iOS "backdoor". Apple denies it is in league with the NSAA data forensics expert and jailbreaker has discovered what he claims to be a undocumented “backdoor” in the iOS operating system used on iPhones and iPads that could be exploited by the NSA and other law enforcement agencies. Jonathan Zdziarski (also known as “NerveGas”) presented his findings this month at the annual Hackers on Planet Earth (HOPE X) conference in New York. The talk, entitled “Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices,” claimed that the undocumented functions could be used by unauthorised parties to wirelessly extract sensitive data from iOS devices, without requiring a password or PIN. Zdziarski slides The news has, understandably, generated a lot of scary headlines—but it appears that exploitation of the so-called “backdoor” may be far from trivial. Firstly, the iPhone or iPad you wish to extract data from needs to have been paired with a regular desktop or laptop computer via USB. At that point, your mobile device and your computer create a secure encrypted SSL channel to exchange information, by exchanging certificates and encryption keys. Apple USBThe pairing data is stored on your mobile device and computer, and is normally never wiped unless you perform a factory reset. If an unauthorised party could get hold of that pairing information, then—argues Zdziarksi—they could begin an attack. So, how could they access the pairing data? Well, one way might be to install spyware onto the targeted user’s desktop or laptop computer. But bear this in mind: if your computer has already been compromised by malware, haven’t you already got a heap load of problems, aside from the possibility that your Apple iPhone may also come under attack? After all, a compromised MacBook which has a malware infection could log your passwords as you type them on the device, steal information from your computer and access your online accounts relatively easily. Chances are that that would be a more than satisfactory result for the typical data thief. But to also access the data on a paired iPhone or iPad, a malicious hacker would have to go further. For instance, they could create a bogus hotspot using a WiFi network name that has been previously used by the mobile device, allowing it to connect and scoop up sensitive data. Zdziarski’s presentation at HOPE X asked the following questions of Apple: Why is there a packet sniffer running on 600 million personal iOS devices instead of moved to the developer mount? Why are there undocumented services that bypass user backup encryption that dump mass amounts of personal data from the phone? Why is most of my user data still not encrypted with the PIN or passphrase, enabling the invasion of my personal privacy by YOU? Why is there still no mechanism to review the devices my iPhone is paired with, so i can delete ones that don’t belong? Apple clearly didn’t want to get into a detailed and public **bleep**-for-tat conversation with Zdziarski regarding his accusations, but it did defend itself, strongly denying any suggestion that it had assisted the likes of the NSA by sneakily incorporating a backdoor into the iOS code. Instead, the company claims, iOS collects diagnostic and troubleshooting information for use by developers and enterprise users: We have designed iOS so that its diagnostic functions do not compromise user privacy and security, but still provides needed information to enterprise IT departments, developers and Apple for troubleshooting technical issues. A user must have unlocked their device and agreed to trust another computer before that computer is able to access this limited diagnostic data. The user must agree to share this information, and data is never transferred without their consent. As we have said before, Apple has never worked with any government agency from any country to create a backdoor in any of our products of services. In a blog post published after his HOPE X talk, Zdziarski played down conspiratorial theories: “I am not suggesting some grand conspiracy. There are, however, some services running in iOS that shouldn’t be there, that were intentionally added by Apple as part of the firmware and that bypass backup encryption while copying more of your personal data than ever should come off the phone for the average consumer.” “My hope is that Apple will correct the problem. Nothing less, nothing more. I want these services off my phone. They don’t belong there.” To be honest, what Zdziarski describes doesn’t feel like much of a backdoor to me. It’s not some secret method that Apple’s developers built into the iOS operating system to give them easy access later. If anything, it’s a potential point of weakness that a suitably resourced group might be able to exploit to gather private information against the wishes of the targeted user. Of course, that doesn’t mean that Apple shouldn’t do everything in its power to reduce the chances of that ever happening. Whether Apple will change the iOS code in light of Zdziarski’s revelations remains to be seen. But if they do not address it, one has to wonder, why not? Do you think Apple has acted suspiciously? Do you think the accusations of a backdoor are overblown? Leave a comment below with your opinion. Google+ Graham Cluley Graham Cluley About Graham Cluley Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats. Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security. Follow him on Twitter at @gcluley. View all posts by Graham Cluley → This entry was posted in Apple, Security & Privacy and tagged backdoor, iOS, iPhone, Jonathan Zdziarski, NSA, privacy, security. Bookmark the permalink.1 1Like
This is the details on xprotect....
Protect a disk with a password
Airport Wifi WPA2
Password Protected Disk Image
Keeping your confidential data secure while doing hardware repairs
Safari Secure certificates
Click this link to view for Troubleshooting Guides.
Apple Apps Store Troubleshooting guides
Apple iTunes Troubleshooting guides
iCloud Troubleshooting guides
Apple ID Troubleshooting guides
Game Center troubleshooting on your Mac & iOS devices
Troubleshooting guides on FaceTime & iMessage
Maverick 10.9.5 updates
Maverick 10.9 Bash updates
Mountain Lion 10.8 Bash updates
Lion 10.7 Bash updates
Apple security updates here:-
If you have ugrade to Mac OS X 10.10.
Please do a software update immediately!!!
Due to vulnerability in security of OS X 10.10.
That goes the same to Mountain Lion, Mavericks and iTunes for windows.
See details base on this sites:-
Here is the tips of troubleshooting on Yosemite Runs very slow....
For Macbooks laptops...
Please read this link:-
On google search type these options:-
icloud apple id cannot login
apple id have been disable
to get the links like the above....
Go to this link for Apple ID troubleshootings.
Contact Apple Support for Apple ID
apple support page
ios Apps5 Like
Palo Alto Networks Wirelurker removal with python scripts...
How to protect yourself from ‘Masque Attacks’ that replace iOS apps with malware
November 10, 2014 by Topher Kessler
BurnIconXFollowing the recent finding of the widespread WireLurker malware that allows an infected system to hijack iOS applications and replace contents to convert them into malicious programs, security researchers at FireEye have revealed this as part of a long-standing flaw in iOS that similarly allows apps to be replaced with malware programs.
This vulnerability uses the same enterprise provisioning routines that are used by WireLurker, but the approach that WireLurker uses is a limited form of a wider problem with iOS that allows an app to be replaced by another one using the same app bundle identifier.
What this means is that if you have an app installed through the App Store, then this routine can allow a malicious program disguising itself as the app to be swapped out, and then run without any warnings or errors in iOS. This has potential severe security impacts, such as mobile banking apps that could be replaced with ones that mimic a bank’s interface, only to have your credentials sent to a third party.
While the threat from WireLurker was limited to attaching your iOS device to an infected Mac via a USB cable, the Masque Attack can be used to install apps from a number of other locations, including Web pages and third-party app stores. In a demonstration of this problem, FireEye researchers were able to have a Web page install an app called “New Flappy Bird” that swaps out an original Gmail app on an iPhone.
How to protect yourself from masque attacks
While this problem has potential to be a widespread threat, if you use your iOS devices under standard conditions and with apps you only install from the App Store, then you are good to go. Staying safe from this and similar threats simply involve following these common guidelines:
Do not jailbreak your device (or do so only if you know exactly what you are doing and understand the risks).
Do not tap “install” on any alerts from Web pages that request you install anything on your iOS device.
Avoid third-party App Stores, and only use Apple’s built-in App Store to install programs on your iOS device.
Avoid opening any program that shows warnings such as “untrusted app developer,” even if the app looks legitimate.
If you run across any Web page or installed app that shows these behaviors, then close it down, do not install anything, and delete any suspected app from your iOS device. You can always re-download the app to your system from the App Store to get a legitimate version.
Another security measure that enterprise-managed iOS 7 devices can take is to check your device’s profiles for any provisioning profiles. To do this, go to Settings > General > Profiles and then check any listed provisioning profiles with your enterprise’s IT department to see whether or not they are authentic. However, this feature is not available in iOS 8, so be sure you are extra careful about what apps you install for devices running this version of iOS.
Show Download History List of All Files Ever Downloaded Within Mac OS X
Jul 12, 2012 - 29 Comments
List Download History of All Files on a Mac
Have you ever wanted to show a list of the entire download history of a Mac? Maybe you know you downloaded a file but you can’t quite pinpoint where you got it from and the “Get Info” trick didn’t work. Or maybe you are trying to track down a file that has been placed on a system that led to problems. Whether it’s for troubleshooting, personal interest, or forensics, the following command will show you everything that you’ve downloaded to a Mac regardless of the application that it came from:
Launch Terminal from /Applications/Utilities/ and enter the following command into a single line:
sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* 'select LSQuarantineDataURLString from LSQuarantineEvent'
Depending on how old the Mac is and how much stuff you’ve downloaded, it can take a while to query the database and dump the results. You may want to pipe the results through “sort” to group the downloaded list into similar items or sources, that would look like this:
sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* 'select LSQuarantineDataURLString from LSQuarantineEvent' | sort
The output lists everything that has been passed through the Quarantine Manager, which for the last several versions of Mac OS X is quite literally every item downloaded to the Mac, regardless of the application it came from. The older the Mac is, the larger the list, and the longer the query can take to run.
This list even works if you have file quarantine turned off for files and apps, thanks to inket for verifying that.
Deleting the Download History List
For those who would rather not have an all-inclusive historical list of downloaded files, you can run the following command to delete the contents of the quarantine database:
sqlite3 ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV* 'delete from LSQuarantineEvent'
You can run that individually, or place it into .bash_profile or .profile to clear the database automatically when a new terminal window is launched.
Thanks to Scott for the great tip, and thanks to Wiggums for the delete syntax
Mac OS X Yosemite 10.10 Guides
Mac OS X Mavericks 10.9 Guides
To remove any Adwares for Mac OS X....
I recommend downloading AdMedic...
or Bitdefeder Adware Removal for Mac...
read guide here ..
Others... check your extensions in your browsers and remove them...
Apple support link to adware removal...
for dns-changer for mac check here...
For Mac OSX Yosemite
For Mac OS X snow leopard Mountain Lion or Lion
- MacBook Pro with Retina display
- MacBook Air (Mid 2013 and later)
- iMac (Late 2013 and later)
- Mac Pro (Late 2013)
Please update to Yosemite Mac OS X 10.10.2 now! Don't Wait!!
See details here about Thunderstrike:-