Security News

We'll guide you through the process of using Homebrew package manager to install common security tools on macOS computers to assess and aid in hardening devices on your network. Typically, security admins would use a security suite that includes all the tools needed, such as Parrot or the popular Kali distribution, based on the Linux kernel.

Amnesty International today exposed details of a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of FinSpy spyware designed to target Linux and macOS systems. According to the human rights organization Amnesty International, the newly discovered campaign is not linked to 'NilePhish,' a hacking group known for attacking Egyptian NGOs in a series of attacks, involving an older version of FinSpy, phishing technique, and malicious Flash Player downloads.

Pl, has published a proof-of-concept exploit for stealing files from iOS and macOS devices via web application code that utilizes the Web Share API. The security flaw, which isn't too scary as it requires some user interaction, has not yet been repaired, though a patch is being worked on. The exploit involves getting someone to open in Safari a web page with a button that triggers the WebShareAPI in a way that launches native Mail or Gmail apps.

A campaign aimed at Mac users is spreading the XCSSET suite of malware, which has the capability to hijack the Safari web browser and inject various JavaScript payloads that can steal passwords, financial data and personal information, deploy ransomware and more. Infections are propagating via Xcode developer projects, researchers noted; the cybercriminals behind the campaign are injecting the malware into them, according to Trend Micro.

A newly discovered piece of malware designed to target macOS systems spreads through Xcode projects and exploits what researchers have described as two zero-day vulnerabilities. Named XCSSET, the malware can allow its operator to steal sensitive information and launch ransomware attacks, Trend Micro reported on Thursday.

North Korean-linked threat actor Lazarus has been employing at least four new Mac-targeting malware families in recent attacks, SentinelOne security researchers reveal. Some of the most recent malware families that Lazarus has been leveraging in attacks include the macOS version of the DaclsRAT, and the cross-platform MATA framework, which also targets Windows and Linux systems.

A week after July's Patch Tuesday, Adobe has released out-of-band security updates for vulnerabilities in four of its products - and most of them are considered to be critical in severity. The patch batch includes five critical bugs in Photoshop for both Windows and macOS allowing for code execution.

Mac users are being targeted by trojanized cryptocurrency trading apps, which once downloaded actually drain victims' cryptocurrency wallets, researchers warn. The actors behind the campaign used websites that copy Kattana's legitimate website to convince unwitting cryptocurrency enthusiasts to download the fake apps.

The developers of the Mac malware named ThiefQuest continue to improve their creation and researchers noticed that the latest versions of the threat no longer include ransomware functionality. Security experts noticed that the ransomware functionality was incomplete and the main goal of the malware was likely not to help threat actors make a profit from the ransom paid by victims.

Security researchers at ESET have identified a new campaign targeting Mac users with trojanized cryptocurrency trading apps designed to deliver the GMERA malware. Previous attacks involving this malware family were observed leveraging malicious versions of the trading app Stockfolio, and security researchers also associated the GMERA Trojan with the activities of North Korean hackers.