Security News

Apple on Thursday published the latest edition of its Platform Security Guide, which provides detailed technical information on the security technologies and features implemented in its products. Apple started releasing security guides for its iOS operating system in 2015 and since 2019 has been publishing platform security guides that encompass information on iOS, macOS and hardware.

A researcher has spotted the first piece of Mac malware that appears to have been created specifically for devices with Apple's recently introduced M1 chip. Wardle has developed several free and open source security tools for Macs, and came up with the idea to look for malware designed to run natively on M1 systems while rebuilding his tools for native M1 compatibility.

Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. To achieve this, Apple relies on Google Safe Browsing - or Tencent Safe Browsing for users in Mainland China - a blocklist service that provides a list of URLs for web resources that contain malware or phishing content, to compare a hash prefix calculated from the website address and check if the website is fraudulent.

Apple's forthcoming iOS 14.5 release, currently in beta, will conceal the IP address of Safari web surfers from Google's Safe Browsing service, integrated into Safari to spot fraudulent websites. That means when Safari users visit a website with Safe Browsing active, their IP addresses will be associated with an Apple domain rather than their internet service provider or corporate network.

Apple on Tuesday released macOS security updates to patch a recently disclosed vulnerability in the Sudo utility. Disclosed during the last week of January 2021, the vulnerability is tracked as CVE-2021-3156, but it's also called Baron Samedit, and it has been lurking in Sudo since July 2011.

Organizations leverage software dependencies for various purposes within their environments, but they are not always aware of the risks associated with this practice, especially if they are not able to efficiently keep track of packages that are used from public repositories. To show the risks associated with using improperly managed public packages, Birsan decided to look for dependencies that known companies use, and show how these dependencies could be abused by threat actors to breach the targeted organizations.

These installers-such as Python Package Index for Python or npm and the npm registry for Node-are usually tied to public code repositories where anyone can freely upload code packages for others to use, Birsan noted. Birsan decided to answer this question last summer while attempting to hack PayPal with another ethical hacker, Justin Gardner, who shared with him "An interesting bit of Node.js source code found on GitHub," Birsan said.

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. Sudo is a common utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.

Apple has fixed a sudo vulnerability in macOS Big Sur, Catalina, and Mojave, allowing any local user to gain root-level privileges. Last month, security researchers at Qualys disclosed the SUDO CVE-2021-3156 vulnerability, aka Baron Samedit, that allowed them to gain root privileges on multiple Linux distributions, including Debian, Ubuntu, and Fedora 33.

A researcher managed to breach over 35 major companies' internal systems, including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, in a novel software supply chain attack. Unlike traditional typosquatting attacks that rely on social engineering tactics or the victim misspelling a package name, this particular supply chain attack is more sophisticated as it needed no action by the victim, who automatically received the malicious packages.