Security News

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices
2021-10-21 04:00

Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems. The malicious packages in question - named okhsa, klow, and klown - were published by the same developer and falsely claimed to be JavaScript-based user-agent string parsers designed to extract hardware specifics from the "User-Agent" HTTP header.

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days
2021-09-26 21:38

Apple on Thursday released security updates to fix multiple security vulnerabilities in older versions of iOS and macOS that it says have been detected in exploits in the wild, in addition to expanding patches for a previously plugged security weakness abused by NSO Group's Pegasus surveillance tool to target iPhone users. Chief among them is CVE-2021-30869, a type confusion flaw that resides in the kernel component XNU developed by Apple that could cause a malicious application to execute arbitrary code with the highest privileges.

Apple tried to patch this security hole in macOS Finder but didn't consider upper and lowercase characters
2021-09-22 23:07

Apple's macOS Finder application is currently vulnerable to a remote code execution bug, despite an apparent attempt to fix the problem. A security advisory published Tuesday by the SSD Secure Disclosure program, on behalf of researcher Park Minchan, explains that macOS Finder - which provides a visual interface for interacting with files - is vulnerable to documents with the.

Unpatched Apple Zero-Day in macOS Finder Allows Code Execution
2021-09-22 17:22

For those not in the Apple camp, the macOS Finder is the default file manager and GUI front-end used on all Macintosh operating systems. It's the first thing users see upon booting, and it governs the launching of other applications and the overall user management of files, disks and network volumes.

Apple will disable insecure TLS in future iOS, macOS releases
2021-09-22 16:59

Apple has deprecated the insecure Transport Layer Security 1.0 and 1.1 protocols in recently launched iOS and macOS versions and plans to remove support in future releases altogether. The original TLS 1.0 specification and its TLS 1.1 successor have been used for almost 20 years.

New macOS zero-day bug lets attackers run commands remotely
2021-09-21 20:01

Security researchers disclosed today a new vulnerability in Apple's macOS Finder, which makes it possible for attackers to run arbitrary commands on Macs running any macOS version up to the latest release, Big Sur. The bug, found by independent security researcher Park Minchan, is due to the way macOS processes inetloc files which inadvertently causes it to run any commands embedded by an attacker inside without any warnings or prompts.

Unpatched High-Severity Vulnerability Affects Apple macOS Computers
2021-09-21 19:58

Cybersecurity researchers on Tuesday disclosed details of an unpatched vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines. "A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the user clicks on them will execute the commands embedded inside them without providing a prompt or warning to the user," SSD Secure Disclosure said in a write-up published today.

New AdLoad Variant Bypasses Apple's Security Defenses to Target macOS Systems
2021-08-16 04:40

A new wave of attacks involving a notorious macOS adware family has evolved to leverage around 150 unique samples in the wild in 2021 alone, some of which have slipped past Apple's on-device malware scanner and even signed by its own notarization service, highlighting the malicious software ongoing attempts to adapt and evade detection. The new iteration "Continues to impact Mac users who rely solely on Apple's built-in security control XProtect for malware detection," SentinelOne threat researcher Phil Stokes said in an analysis published last week.

New AdLoad Variant Bypasses Apple's Security Defenses to Target macOS Systems
2021-08-16 04:40

A new wave of attacks involving a notorious macOS adware family has evolved to leverage around 150 unique samples in the wild in 2021 alone, some of which have slipped past Apple's on-device malware scanner and even signed by its own notarization service, highlighting the malicious software ongoing attempts to adapt and evade detection. The new iteration "Continues to impact Mac users who rely solely on Apple's built-in security control XProtect for malware detection," SentinelOne threat researcher Phil Stokes said in an analysis published last week.

MacOS Flaw in Telegram Retrieves Deleted Messages
2021-08-05 15:26

A vulnerability in a high-level privacy feature of Telegram on macOS that sets up a "Self-destruct" timer for messages on both the sender's and recipient's devices can allow someone to retrieve these messages even after they've been deleted, a researcher has found. Reegun Richard Jayapaul, Trustwave SpiderLabs Lead Threat Architect, discovered the flaw in the Self-Destruct feature of Telegram MacOS, which is part of the Secret-Chats aspect of the messaging app that uses end-to-end encryption.