Showing only posts tagged MacOS. Show all posts.

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Source

Enlarge (credit: Aurich Lawson) Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of millions or billions of people who installed them, researchers said Monday. The vulnerabilities, which were fixed last …

Hackers can force iOS and macOS browsers to divulge passwords and much more

Source

Enlarge (credit: Kim et al.) Researchers have devised an attack that forces Apple’s Safari browser to divulge passwords, Gmail message content, and other secrets by exploiting a side channel vulnerability in the A- and M-series CPUs running modern iOS and macOS devices. iLeakage, as the academic researchers have …

With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe?

Source

Enlarge (credit: Getty Images ) End users, admins, and researchers better brace yourselves: The number of apps being patched for zero-day vulnerabilities has skyrocketed this month and is likely to get worse in the following weeks. People have worked overtime in recent weeks to patch a raft of vulnerabilities actively …

Prominent cryptocurrency exchange infected with previously unseen Mac malware

Source

Enlarge (credit: Getty Images) Researchers have discovered previously unknown Mac malware infecting a cryptocurrency exchange. It contains a full suite of capabilities, including the ability to steal private data and download and execute new malicious files. Dubbed JokerSpy, the malware is written in the Python programming language and makes …

3CX Breach Was a Double Supply Chain Compromise

Source

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised …

Mac malware spreading for ~14 months installs backdoor on infected systems

Source

Enlarge (credit: Getty Images ) Mac malware known as UpdateAgent has been spreading for more than a year, and it is growing increasingly malevolent as its developers add new bells and whistles. The additions include the pushing of an aggressive second-stage adware payload that installs a persistent backdoor on infected …

Booby-trapped sites delivered potent new backdoor trojan to macOS users

Source

Enlarge (credit: Getty Images ) Researchers have uncovered advanced, never-before-seen macOS malware that was installed using exploits that were almost impossible for most users to detect or stop once the users landed on a malicious website. The malware was a full-featured backdoor that was written from scratch, an indication that …

Actively exploited macOS 0-day let hackers take screenshots of infected Macs

Source

Enlarge (credit: CHUYN / Getty Images ) Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first. The zero-day was exploited by XCSSET, a piece of malware discovered by security firm …

Actively exploited macOS 0day let hackers take screenshots of infected Macs

Source

Enlarge (credit: CHUYN / Getty Images ) Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first. The zeroday was exploited by XCSSET, a piece of malware discovered by security firm …

Actively exploited Mac 0-day neutered core OS security defenses

Source

Enlarge (credit: Getty Images) When Apple released the latest version 11.3 for macOS on Monday, it didn't just introduce support for new features and optimizations. More importantly, the company fixed a zero-day vulnerability that hackers were actively exploiting to install malware without triggering core Mac security mechanisms, some …

New malware found on 30,000 Macs has security pros stumped

Source

Enlarge (credit: Jayson Photography / Getty Images ) A previously undetected piece of malware found on almost 30,000 Macs worldwide is generating intrigue in security circles, which are still trying to understand precisely what it does and what purpose its self-destruct capability serves. Once an hour, infected Macs check a …