Security News

A new variant of the InterPlanetary Storm malware has been discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices. Researchers say the malware is building a botnet with a currently estimated 13,500 infected machines across 84 countries worldwide - and that number continues to grow.

While the spyware previously targeted Windows, iOS and Android users, researchers have discovered these campaigns using new variants that target macOS and Linux users. These samples include "Jabuka.app," a FinSpy variant for macOS, and "PDF," a FinSpy variant for Linux.

We'll guide you through the process of using the Homebrew package manager to install common security tools on macOS computers to assess and aid in hardening devices on your network. Typically, security admins would use a security suite that includes all the tools needed, such as Parrot or the popular Kali distribution, based on the Linux kernel.

Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. According to the human rights organization, the newly discovered campaign is not linked to 'NilePhish,' a hacking group known for attacking Egyptian NGOs in a series of attacks involving an older version of FinSpy, a phishing technique, and malicious Flash Player downloads.

Pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API. The security flaw, which isn't too scary as it requires some user interaction, has not yet been repaired, though a patch is being worked on. The exploit involves getting someone to open a web page in Safari with a button that triggers the Web Share API in a way that launches native Mail or Gmail apps.

A campaign aimed at Mac users is spreading the XCSSET suite of malware, which has the capability to hijack the Safari web browser and inject various JavaScript payloads that can steal passwords, financial data and personal information, deploy ransomware and more. Infections are propagating via Xcode developer projects, researchers noted; the cybercriminals behind the campaign are injecting the malware into them, according to Trend Micro.

A newly discovered piece of malware designed to target macOS systems spreads through Xcode projects and exploits what researchers have described as two zero-day vulnerabilities. Named XCSSET, the malware can allow its operator to steal sensitive information and launch ransomware attacks, Trend Micro reported on Thursday.

North Korean-linked threat actor Lazarus has been employing at least four new Mac-targeting malware families in recent attacks, SentinelOne security researchers reveal. Some of the most recent malware families that Lazarus has been leveraging in attacks include the macOS version of the DaclsRAT, and the cross-platform MATA framework, which also targets Windows and Linux systems.

A week after July's Patch Tuesday, Adobe has released out-of-band security updates for vulnerabilities in four of its products - and most of them are considered to be critical in severity. The patch batch includes five critical bugs in Photoshop for both Windows and macOS allowing for code execution.

Mac users are being targeted by trojanized cryptocurrency trading apps, which, once downloaded, actually drain victims' cryptocurrency wallets, researchers warn. The actors behind the campaign used websites that copy Kattana's legitimate website to convince unwitting cryptocurrency enthusiasts to download the fake apps.