We continue to see increased risk related to Java, specifically on Mac OS X. We believe criminals will take advantage of Java's cross-platform nature and Apple's update cycle.
We recommend the following actions:
- If you do not need or use Java, turn it off in Safari.
- Do not trust unsigned applets.
- Restrict Java using Java Preferences.app.
- Users should deselect "AutoFill" in browsers.
Check the following and remove all entries:
- In Safari > Preferences > AutoFill, select "User names and passwords" > Edit, then remove all.
- In Safari > Preferences > AutoFill, select "Other" > Edit, then remove all.
Consider the following for Safari and Browsing:
- Disable autofill in your browser for any form data.
- Set save history to one day.
- Make sure "Open Safe Files" is deselected in Safari.
- Download files only to the download folder.
- Set Remove Downloads to "When Safari Quits."
- Never browse the web as the Administrator; carry out daily tasks as a user that does not have administrator privileges.
- Never use Safari on a Mac OS X Server. Instead, download files, confirm the hash, and then move the file via network assets under your control.