Security News

We'll guide you through the process of using Homebrew package manager to install security tools on macOS to exploit vulnerabilities found in your Apple equipment. In this follow-up to the installing security tools on macOS via Homebrew series, we'll be looking at various applications that can be used to exploit any vulnerabilities that have been found after performing an assessment using scanning tools to determine what-if any-issues exist.

We'll guide you through the process of using Homebrew package manager to install security tools on macOS to assess vulnerabilities and the security posture of the devices on your network. Some tools may be used to obtain vulnerability information from generic devices, while other tools are suited only to identify specific vulnerabilities related to certain types of applications and services, such as web servers, for example.

Blackberry Cylance's consumer antivirus product will not support macOS Big Sur until the end of January - three months after the Apple operating system's latest version was released. The iGiant's OS hit version 11 on Friday 13th November, appropriately enough given the chaos that followed, yet despite version 11.1 being released in mid-December, Cylance still hasn't updated its Smart Antivirus product to support it.

You should always lock your computer when you walk away. I'm a firm believer in locking your computer when you step away from it for any amount of time.

Updates released this week by Apple for its macOS operating systems patch a total of 59 vulnerabilities, including roughly 30 that could lead to the execution of arbitrary code. Some of the bugs, Apple explains in its advisory, could be exploited to execute code with system or kernel privileges.

Newly discovered Windows info-stealing malware linked to an active threat group tracked as AridViper shows signs that it might be used to infect computers running Linux and macOS. The new trojan, dubbed PyMICROPSIA by Unit 42, was discovered while investigating AridViper activity, a group of Arabic speaking cyberspies focusing their attacks on Middle Eastern targets since at least 2011. While PyMICROPSIA is a Python-based malware that specifically targets Windows systems using a Windows binary generated using PyInstaller, Unit 42 has also found code snippets showing that its creators are potentially working on adding multi-platform support.

Adobe Systems has stomped out critical-severity flaws across its Adobe Prelude, Adobe Experience Manager and Adobe Lightroom applications. This month's Adobe patch roundup included a critical cross-site scripting vulnerability in Adobe Experience Manager, the company's content-management solution for building websites, mobile apps and forms.

Jack Wallen shows you how to make SSH connections even easier from your macOS machine. You probably use SSH to connect to remote machines for admin purposes.

The Vietnam-backed OceanLotus has been around since at least 2013, and previously launched targeted attacks against media, research and construction companies. Older samples of the backdoor have targeted the same region before, according to researchers with Trend Micro.

Trend Micro's security researchers have identified a new macOS backdoor that they believe is used by the Vietnamese threat actor OceanLotus. A document used in the campaign features a Vietnamese name, which has led researchers to believe that users from Vietnam have been targeted with the new malware.