Security News

Apple's macOS 11.3 fixes a zero-day exploit and includes M1 improvements
2021-04-28 18:46

The latest update to Apple's Big Sur includes critical security patches, which is why Cory Bohon advises upgrading your macOS devices now. Apple released macOS 11.3 on April 26, 2021 to the public.

Hackers Exploit 0-Day Gatekeeper Flaw to Attack macOS Computers
2021-04-27 23:42

"An unsigned, unnotarized, script-based proof of concept application could trivially and reliably sidestep all of macOS's relevant security mechanisms, even on a fully patched M1 macOS system," security researcher Patrick Wardle explained in a write-up. "Armed with such a capability macOS malware authors could return to their proven methods of targeting and infecting macOS users."

Apple Patches Zero-Day MacOS Bug That Can Bypass Anti-Malware Defenses
2021-04-27 11:45

Apple patched a zero-day vulnerability in macOS that can be used to bypass critical anti-malware capabilities and that a variant of the notorious Shlayer adware dropper has already been exploiting for several months. Security researcher Cedric Owens first discovered the vulnerability, tracked as CVE-2021-30657 and patched in macOS 11.3, an update Apple released on Monday.

Apple Patches macOS Security Bypass Vulnerability Exploited by 'Shlayer' Malware
2021-04-27 11:13

Apple has patched a serious security bypass vulnerability in macOS that has been exploited in the wild by at least one threat group. The Big Sur update fixes nearly 60 security holes, including a logic issue tracked as CVE-2021-30657 that, Apple says, can allow a malicious application to bypass Gatekeeper checks.

Apple patches macOS zero-day exploited by malware for months (CVE-2021-30657)
2021-04-27 10:19

Apple has patched a critical macOS zero-day that has been exploited by Shlayer malware for months and has finally introduced/enabled the App Tracking Transparency feature and policy in iOS, iPadOS and tvOS. Discovered by security researcher Cedric Owens and privately reported to Apple in March 2021, CVE-2021-30657 is a logic issue that allowed attackers to craft a macOS payload that is not checked by Gatekeeper, the macOS security feature that verifies downloaded applications before allowing them to run, and that bypasses File Quarantine and Application Notarization protections as well.

Apple fixes macOS zero-day bug exploited by Shlayer malware
2021-04-26 19:21

Apple has fixed a zero-day vulnerability in macOS exploited in the wild by Shlayer malware to bypass Apple's File Quarantine, Gatekeeper, and Notarization security checks and download second-stage malicious payloads. The Jamf Protect detection team discovered that, starting in January 2021, the Shlayer threat actors created unsigned and unnotarized Shlayer samples that began exploiting a zero-day vulnerability, discovered and reported to Apple by security engineer Cedric Owens.

Critical RCE Bug Found in Homebrew Package Manager for macOS and Linux
2021-04-26 00:33

A recently identified security vulnerability in the official Homebrew Cask repository could have been exploited by an attacker to execute arbitrary code on users' machines that have Homebrew installed. The issue, which was reported to the maintainers on April 18 by a Japanese security researcher named RyotaK, stemmed from the way code changes in its GitHub repository were handled, resulting in a scenario where a malicious pull request - i.e., the proposed changes - could be automatically reviewed and approved.

New Linux, macOS malware hidden in fake Browserify NPM package
2021-04-13 18:17

A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems. The malicious package is called "Web-browserify," and imitates the popular Browserify npm component downloaded over 160 million times over its lifetime.

Cisco addresses critical bug in Windows, macOS Jabber clients
2021-03-24 18:08

Cisco has addressed a critical arbitrary program execution vulnerability impacting several versions of Cisco Jabber client software for Windows, macOS, Android, and iOS. Cisco Jabber is a web conferencing and instant messaging app that allows users to send messages via the Extensible Messaging and Presence Protocol. The vulnerability does not affect Cisco Jabber client software configured for Team Messaging or Phone-only modes.

Trojanized Xcode Project Slips MacOS Malware to Apple Developers
2021-03-18 19:42

Cybercriminals are targeting Apple developers with a trojanized Xcode project, which, once launched, installs a backdoor that has spying and data exfiltration capabilities. Xcode is a suite of free, open software development tools developed by Apple for creating software for macOS, iOS, iPadOS, watchOS and tvOS. Any apps built on top of the project automatically include the malicious code.