Security News

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. Sudo is a common utility built into most Unix and Linux operating systems that lets a user without security privileges access and run a program with the credentials of another user.

Apple has fixed a sudo vulnerability in macOS Big Sur, Catalina, and Mojave, allowing any local user to gain root-level privileges. Last month, security researchers at Qualys disclosed the SUDO CVE-2021-3156 vulnerability, aka Baron Samedit, that allowed them to gain root privileges on multiple Linux distributions, including Debian, Ubuntu, and Fedora 33.

A recently discovered heap-based buffer overflow vulnerability in Linux SUDO also impacts the latest version of Apple macOS Big Sur, with no patch available yet. Last week, BleepingComputer had reported on CVE-2021-3156 aka Baron Samedit, a flaw in SUDO which lets local users gain root privileges.

Microsoft announced that Defender for Endpoint will now also help admins discover OS and software vulnerabilities affecting macOS devices on their organization's network. "This capability expansion enables organizations to discover, prioritize, and remediate both software and operating system vulnerabilities on devices running macOS," Microsoft Senior Product Manager Tomer Reisner said.

Learn how to use the Homebrew package manager to install post-exploit security tools on macOS to further assess compromised system vulnerabilities found in your Apple equipment. The collection of tools listed here may be used as standalone tools or in conjunction with other tools and kits to provide a broad or granular landscape of a particular system or the entire network of hosts.

If you're not sure how to view your SSH certificates, Jack Wallen walks you through the steps on Linux, macOS, and Windows.

Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called "ContentFilterExclusionList," it included a list of as many as 50 Apple apps like iCloud, Maps, Music, FaceTime, HomeKit, the App Store, and its software update service that were routed through Network Extension Framework, effectively circumventing firewall protections.

Apple has removed a contentious macOS feature that allowed some Apple apps to bypass content filters, VPNs and third-party firewalls. The feature, first uncovered in November in a beta release of the macOS Big Sur feature, was called "ContentFilterExclusionList" and included a list of at least 50 Apple apps - including Maps, Music, FaceTime, the App Store and its software update service.

We'll guide you through the process of using Homebrew package manager to install security tools on macOS to exploit vulnerabilities found in your Apple equipment. In this follow-up to the installing security tools on macOS via Homebrew series, we'll be looking at various applications that can be used to exploit any vulnerabilities that have been found after performing an assessment using scanning tools to determine what-if any-issues exist.

We'll guide you through the process of using Homebrew package manager to install security tools on macOS to assess vulnerabilities and the security posture of the devices on your network. Some tools may be used to obtain vulnerability information from generic devices, while other tools are suited only to identify specific vulnerabilities related to certain types of applications and services, such as web servers, for example.