Security News

When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A "Debugging port" typically refers to a listening network connection, usually a TCP socket, that handles debugging requests.

Mac users can now try the privacy features in the DuckDuckGo browser as the app has entered the beta stage of development. As expected, the default search engine is the privacy-centric DuckDuckGo that generates objective results without any bias or "User preference" factors.

New Alchimist attack framework hits Windows, Linux and Mac. During initialization, all its content is placed in hard coded folders, namely /tmp/Res for the web interface, HTML files and more folders, and /tmp/Res/Payload for its payloads for Windows and Linux operating systems.

A popular myth says that "Mac's don't get viruses," but that's never quite been true - and today's Mac users face more cyberthreats than ever before. You've probably heard that Mac computers are somehow more resistant to viruses than their Windows counterparts.

Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication turned on. The newly discovered security issue impacts versions of the application for Windows, Linux, and Mac and refers to Microsoft Teams storing user authentication tokens in clear text without protecting access to them.

Apple has released security updates to address the eighth zero-day vulnerability used in attacks against iPhones and Macs since the start of the year. In security advisories issued on Monday, Apple revealed they're aware of reports saying this security flaw "May have been actively exploited."

How to unlock 1Password on a Mac We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. They're also impossible to remember, and that's the whole point: You only need to know how to unlock your 1Password vault and then you can access all your ultra-secure passwords and use the 1Password browser extensions to auto-fill them in your web browser.

Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Today, Apple has released macOS Monterey 12.5.1 and iOS 15.6.1/iPadOS 15.6.1 to resolve two zero-day vulnerabilities that are reported to have been actively exploited.

Given the apparent speed and ease with which Zoom was able to emit a patch for the bug, dubbed CVE-2022-28756, you're probably wondering why Wardle didn't tell Zoom about the bug in advance, setting the day of his speech as the deadline for revealing the details. That would have given Zoom time to push out the update to its many Mac users, thus eliminating the gap between Wardle explaining to the world how to abuse the bug, and the patching of the bug.

ESET researchers discovered CloudMensis, a macOS backdoor that spies on users of compromised Macs and uses public cloud storage services to communicate back and forth with its operators. Outline of how CloudMensis uses cloud storage services.