26 Jan 2022

Pro-democracy org hijacked to become macOS spyware distributor

Researchers have reportedly uncovered a new strain of macOS malware that is being distributed in attacks against visitors to a Hong Kong pro-democracy radio station website. The website was used to facilitate a watering hole-style attack and serve a Safari browser to exploit to visitors. Therefore, the malware was deployed

Read More
12 Jan 2022

This new malware wants to create backdoors and targets Windows, Linux and macOS

Cybersecurity researchers have discovered a new malware that has the capability to create backdoors on Windows, Linux, and macOS operating systems. Therefore, hackers using the malware could achieve full access to compromised systems on a range of devices. Intezer released more information about the malware, which it has named SysJoker.

Read More
12 Nov 2021

Google warns of hackers using macOS zero-day flaw to capture keystrokes, screengrabs

Google’s Threat Analysis Group (TAG) has discovered attackers targeting visitors to websites in Hong Kong were using a previously unknown zero-day flaw in macOS to capture keystrokes and take screengrabs. Apple patched the bug in September, tracked as CVE-2021-30869, roughly a month after it was discovered by Google Researchers. Apple

Read More
06 Aug 2021

Researchers Find Significant Vulnerabilities in macOS Privacy Protections

Researchers have uncovered significant vulnerabilities in macOS privacy protection. According to researchers Csaba Fitzl and Wojciech Regula with Offensive Security and SecuRing respectively, applications that are allowed to run on Apple’s operating system can exceed the permissions granted to them by the user. This allows for potential privacy attacks, such

Read More
08 Jul 2021

MacOS Targeted in WildPressure APT Malware Campaign

Compromised WordPress websites have been enlisted by threat actors in a campaign targeting macOS users. WildPressure is the group of threat actors that have added a macOS malware variant to their campaign targeting energy sector businesses. Compromised WordPress websites are being utilized to carry out attacks.  Novel malware, named Milum,

Read More
22 Feb 2021

Attackers Already Targeting Apple’s M1 Chip with Custom Malware

The M1 chip is the latest processor for Apple Macs. Malware authors have already created Mac-specific binaries that can target the ARM64 architecture used by these M1 processors. One of the malware downloaders is called Silver Sparrow and can use the MacOS installer’s JavaScript API to create communication with a

Read More
16 Nov 2020

Apple Issues Security Updates

Apple has recently released three critical security updates affecting macOS Big Sur 11.0, macOS High Sierra 10.13.6, and macOS Mojave 10.14.6. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced the patches in a notice released earlier this week urging consumers to update their devices as soon

Read More
07 Oct 2020

Apple’s T2 Security Chip Has an Unfixable Flaw

A recently released tool allows any user to exploit a Mac vulnerability that leads to bypassing the T2 security chip, gaining deep system access. The flaw is commonly used among researchers to jailbreak older iPhone models, however, the fact that the T2 chip is similarly vulnerable in Mac devices as

Read More
01 Sep 2020

Apple Accidentally Approved Malware to Run on MacOS

In February, Apple began to notarize all macOS applications in an extensive vetting process that was designed purposefully to weed out malicious apps. All software distributed outside of the Mac App Store requires a notarization now, or the programs will be unable to run on devices. However, researchers have discovered

Read More
10 Jul 2020

This macOS malware can wipe your entire device

MacOS users could be vulnerable to a new form of ransomware discovered by security professionals at the firm SentinelOne. MacOS owners have been warned to monitor device security closely after the new malware variant known as ThiefQuest began to target victims, encrypting entire systems, and stealing personal data from the

Read More