Security News

A new multi-platform backdoor malware named 'SysJoker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

A new multi-platform backdoor malware named 'SysJocker' has emerged in the wild, targeting Windows, Linux, and macOS with the ability to evade detection on all three operating systems. The discovery of the new malware comes from researchers at Intezer who first saw signs of its activity in December 2021 after investigating an attack on a Linux-based web server.

Dubbed SysJoker by Intezer, the backdoor is used for establishing initial access on a target machine. A possible attack vector for SysJoker is an infected npm package, according to Intezer's analysis - an increasingly popular vector for dropping malware on targets.

Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control security framework, which enables users to configure the privacy settings of their apps and provide access to protected files and app data.

Microsoft says threat actors could use a macOS vulnerability to bypass Transparency, Consent, and Control technology to access users' protected data. The Microsoft 365 Defender Research Team has reported the vulnerability dubbed powerdir to Apple on July 15, 2021, via the Microsoft Security Vulnerability Research.

Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "Trivially and reliably" bypass a "Myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday.

Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection mechanisms even on fully patched systems. Apple has addressed this vulnerability in macOS 11.6 through a security update released in September 2021 that adds improved checks.

Zoom has announced today the launch of an automatic update feature designed to streamline the update process for desktop clients. "For most individual users, automatic updates will be enabled by default. When enabled, users will have the opportunity to opt-out of automatic updates for their desktop client after the first install or first update where this feature is present," said Jeromie Clark, Security & Privacy Technical Product Manager at Zoom.

Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat actor to be a well-resourced group, likely state backed, with access to their own software engineering team based on the quality of the payload code," Google Threat Analysis Group researcher Erye Hernandez said in a report.

Google researchers discovered a MacOS zero-day exploit being used against Hong Kong activists. Google's researchers were able to trigger the exploits and study them by visiting the websites compromised by the hackers.