Security News

Apple Outlines 2021 Security, Privacy Roadmap
2021-02-18 21:04

Apple released its 2021 Platform Security guide on Thursday, outlining its current and year-ahead agenda for its device hardware, software and silicon security. Previous Platform Security updates have taken a piecemeal approach to address Apple's security universe, said Rich Mogull, analyst and CEO with Securosis.

Mac Malware Targets Apple’s In-House M1 Processor
2021-02-18 16:34

Three months after Apple launched its new M1 system-on-a-chip, cybercriminals have developed what may be the first malicious macOS application targeting the mobile giant's first in-house silicon. The main differentiator here is that the application includes code tailored to run on ARM-based M1 processors - rather than only the Intel x86 processors previously utilized by Apple.

Apple Platform Security Guide Gets Biggest Update to Date
2021-02-18 15:59

Apple on Thursday published the latest edition of its Platform Security Guide, which provides detailed technical information on the security technologies and features implemented in its products. Apple started releasing security guides for its iOS operating system in 2015 and since 2019 has been publishing platform security guides that encompass information on iOS, macOS and hardware.

Mac Malware Targeting Apple's M1 Chip Emerges
2021-02-18 11:39

A researcher has spotted the first piece of Mac malware that appears to have been created specifically for devices with Apple's recently introduced M1 chip. Wardle has developed several free and open source security tools for Macs, and came up with the idea to look for malware designed to run natively on M1 systems while rebuilding his tools for native M1 compatibility.

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google
2021-02-15 19:55

Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. To achieve this, Apple relies on Google Safe Browsing - or Tencent Safe Browsing for users in Mainland China - a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.

Apple iOS 14.5 will hide Safari users' IP addresses from Google's Safe Browsing
2021-02-12 02:20

Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. That means when Safari users visit a website with Safe Browsing active, their IP addresses will be associated with an Apple domain rather than their internet service provider or corporate network.

Apple Patches Recent Sudo Vulnerability in macOS
2021-02-10 15:07

Apple on Tuesday released macOS security updates to patch a recently disclosed vulnerability in the Sudo utility. Disclosed during the last week of January 2021, the vulnerability is tracked as CVE-2021-3156, but it's also called Baron Samedit, and it has been lurking in Sudo since July 2011.

Software Dependencies Exposed Microsoft, Apple to High-Impact Attacks
2021-02-10 13:54

Organizations leverage software dependencies for various purposes within their environments, but they are not always aware of the risks associated with this practice, especially if they are not able to efficiently keep track of packages that are used from public repositories. To show the risks associated with using improperly managed public packages, Birsan decided to look for dependencies that known companies use, and show how these dependencies could be abused by threat actors to breach the targeted organizations.

Supply-Chain Hack Breaches 35 Companies, Including PayPal, Microsoft, Apple
2021-02-10 13:49

These installers, such as Python Package Index for Python or npm and the npm registry for Node, are usually tied to public code repositories where anyone can freely upload code packages for others to use, Birsan noted. Birsan decided to answer this question last summer while attempting to hack PayPal with another ethical hacker, Justin Gardner, who shared with him "an interesting bit of Node.js source code found on GitHub," Birsan said.

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug
2021-02-10 04:57

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. Sudo is a common utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.