Security News

Finally, we learned about some ransomware attacks, with an NCR outage confirmed to be ransomware and Capita confirming that data was stolen in a cyberattack. The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS. The LockBit ransomware comes for macOS A technical analysis of the LockBit macOS encryptor April 17th 2023 Ex-Conti members and FIN7 devs team up to push new Domino malware.

LockBit has developed ransomware that can encrypt files on Arm-powered Macs, said to be a first for the prolific cybercrime crew. "As much as I can tell, this is the first Apple's Mac devices targeting build of LockBit ransomware sample seen," MHT tweeted over the weekend.

The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS. The new ransomware encryptors were discovered by cybersecurity researcher MalwareHunterTeam who found a ZIP archive on VirusTotal that contained what appears to be all of the available LockBit encryptors. Historically, the LockBit operation uses encryptors designed for attacks on Windows, Linux, and VMware ESXi servers.

Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities in macOS, iOS and iPadOS. Reported by researchers Clément Lecigne of Google's Threat Analysis Group and Donncha Cearbhaill, the head of Amnesty International's Security Lab, the vulnerabilities have been exploited in tandem to achieve full device compromise - with the likely goal to install spyware on target devices. CVE-2023-28206 is an out-of-bounds write issue in IOSurfaceAccelerator that can be exploited by a malicious app to execute arbitrary code with kernel privileges.

Simply put, there were zero days during which even the most proactive and cybersecurity conscious users amongst us could have been patched in advance of the crooks. Just to be clear: the Apple Safari browser uses WebKit for "Processing web content" on all Apple devices, although third-party browsers such as Firefox, Edge and Chromium don't use WebKit on Mac.

The Cybersecurity and Infrastructure Security Agency ordered federal agencies to patch two security vulnerabilities actively exploited in the wild to hack iPhones, Macs, and iPads. According to a binding operational directive issued in November 2022, Federal Civilian Executive Branch Agencies agencies are required to patch their systems against all security bugs added to CISA's Known Exploited Vulnerabilities catalog.

Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. Last week, Google TAG and Amnesty International exposed two recent series of attacks using exploit chains of Android, iOS, and Chrome zero-day and n-day flaws to deploy mercenary spyware.

Microsoft says its Outlook for Mac email and calendar client is now available for free, and it will no longer require an Office license or a Microsoft 365 subscription to be used. Outlook for Mac comes with support for Microsoft 365, Outlook.com, Gmail, Yahoo Mail, iCloud, IMAP, and POP accounts, according to its Mac App Store page.

The latest version of Google Chrome for macOS includes new optimizations that increase battery life on MacBooks. The reason why Google is optimizing Chrome battery consumption on Macs is likely because users report that Safari has much better performance on the system, leading them to use Apple's browser instead. Chrome's latest improvements will also be felt by those using older Apple hardware like Intel-based Macbooks.

Security researchers discovered a cryptomining operation targeting macOS with a malicious version of Final Cut Pro that remains largely undetected by antivirus engines. From the first generation, the malware used an i2p network layer for command and control communications to anonymize traffic.