Security News

Security researchers are blasting Apple for a feature in the latest Big Sur release of macOS that allows some Apple apps to bypass content filters and VPNs. They say it is a liability that can be exploited by threat actors to bypass firewalls and give them access to people's systems and expose their sensitive data. Despite concerns and questions among security professionals, Apple released Big Sur to the public on Nov. 12.

The first update released by Apple for macOS Big Sur 11.0 addresses 60 vulnerabilities affecting various components of the operating system. MacOS Big Sur 11.0 was officially launched on November 12 and on the same day Apple released its first update, version 11.0.1.

There are two easy ways to view your SSH public key in Linux. The above command will print out your SSH key on your Linux machine, without prompting you for your key authentication password.

Apple on Thursday issued security updates for iOS, iPadOS, watchOS, and macOS that address three holes reported by Google's Project Zero bug hunters among exploitable flaws found by others. The iPhone giant's security bulletins note that the three flaws discovered and reported by Project Zero - CVE-2020-27930, CVE-2020-27950, and CVE-2020-27932 - are being actively exploited in the wild.

Adobe has fixed critical-severity flaws tied to four CVEs in the Windows and macOS versions of its Acrobat and Reader family of application software services. These critical flaws include a heap-based buffer overflow, out-of-bounds write glitch and two use-after free flaws.

Adobe has released security updates to address critical vulnerabilities affecting ten of its Windows and macOS products that could allow attackers to execute arbitrary code on devices running vulnerable software versions. Adobe has released a security update for Adobe InDesign that fixes an Uncontrolled Search Path vulnerability in the Creative Cloud Desktop Application installer for Windows that could lead to arbitrary code execution.

We'll guide you through the process of using Homebrew package manager to install security tools on macOS to perform reconnaissance, discovery, and fingerprinting of the devices on your network. Evidenced through the classic "I'm a Mac" ads, Macs were not immune to malware: It's just that with such a negligible market share, threat actors did not really target Apple devices as much as devices running Windows, which posed a much larger target-with greater rewards for their efforts.

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware - dubbed "GravityRAT" - now masquerades as legitimate Android and macOS apps to capture device data, contact lists, e-mail addresses, and call and text logs and transmit them to an attacker-controlled server.

Kaspersky security researchers have identified versions of the GravityRAT spyware that are targeting Android and macOS devices. In a report published on Monday, Kaspersky reveals that the malware's authors have invested a lot into making their tool cross-platform, and that, as part of an ongoing campaign, both Android and macOS are now being targeted, in addition to Windows.

The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time. Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.