Security News

Apple fixes new zero-day exploited to hack macOS, iOS devices
2022-01-26 19:39

Apple has released security updates to fix two zero-day vulnerabilities, with one publicly disclosed and the other exploited in the wild by attackers to hack into iPhones and Macs. The first zero-day patched today [1, 2] is a memory corruption bug in the IOMobileFrameBuffer that affects iOS, iPadOS, and macOS Monterey.

DazzleSpy: macOS backdoor delivered through watering hole attacks
2022-01-26 11:26

In late 2021, a never-before-seen macOS backdoor was delivered to pro-democracy individuals in Hong Kong via fake and compromised sites by exploiting vulnerabilities in WebKit, the browser engine powering Safari, and XNU, the macOS and iOS kernel. On Tuesday, ESET researchers shared their knowledge about the attacks and the results of the analysis of that final malicious payload: a macOS backdoor with many capabilities, including collecting and exfiltrating system information, executing files, starting a remote screen session, dumping the contents of the victims' iCloud Keychain, and more.

MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks
2022-01-25 18:54

A new family of cyber-espionage malware targeting macOS and delivered via a Safari exploit was used against politically active, pro-democracy residents of Hong Kong, in August watering-hole attacks initially discovered by Google TAG, researchers said on Tuesday. The watering-hole attacks - which TAG reported to Apple that same month - were serving an in-the-wild malware that exploited what was then a zero-day flaw to install a backdoor on the iOS and macOS devices of users who visited Hong Kong-based media and pro-democracy sites.

New DazzleSpy malware targets macOS users in watering hole attack
2022-01-25 18:26

A new watering hole attack has been discovered targeting macOS users and visitors of a pro-democracy radio station website in Hong Kong and infecting them with the DazzleSpy malware. Watering hole attacks involve the infection of a legitimate website with malware, targeting the demographic of that site, and in some cases, only specific IP addresses.

New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users
2022-01-12 20:13

A new cross-platform backdoor called "SysJoker" has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that's believed to have been initiated during the second half of 2021. "SysJoker masquerades as a system update and generates its by decoding a string retrieved from a text file hosted on Google Drive," Intezer researchers Avigayil Mechtinger, Ryan Robinson, and Nicole Fishbein noted in a technical write-up publicizing their findings.

Microsoft adds macOS-like hardware indicators to Windows 11
2022-01-12 19:32

Microsoft is now rolling out redesigned hardware indicator flyouts that align with Windows 11's design to all Windows Insiders in the Dev Channel. "We have updated the flyout design for the hardware indicators for brightness, volume, camera privacy, camera on/off and airplane mode, to align with Windows 11 design principles," Microsoft's Amanda Langowski and Brandon LeBlanc said.

MacOS Bug Could Let Creeps Snoop On You
2022-01-11 20:35

Microsoft on Monday released details about a bug in macOS that Apple fixed last month - named "Powerdir" - that could let attackers hijack apps, install their own nasty apps, use the microphone to eavesdrop or grab screenshots of whatever's displayed on your screen. Introduced in 2012 in macOS Mountain Lion, TCC (Transparency, Consent, and Control) helps users configure their apps' privacy settings by requiring that all apps get user consent before accessing files in Documents, Downloads, Desktop, iCloud Drive, calendar and network volumes, as well as before the apps are allowed to access the device's camera, microphone or location.

Microsoft fixes critical Office bug, delays macOS security updates
2022-01-11 19:33

During this year's first Patch Tuesday, Microsoft has addressed a critical severity Office vulnerability that can let attackers execute malicious code remotely on vulnerable systems. The security flaw, tracked as CVE-2022-21840, is a remote code execution bug that attackers can exploit with no privileges on the targeted devices as part of low complexity attacks that require user interaction.

New SysJoker backdoor targets Windows, macOS, and Linux
2022-01-11 15:04

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.
