Security News

Kaspersky security researchers have identified versions of the GravityRAT spyware that are targeting Android and macOS devices. In a report published on Monday, Kaspersky reveals that the malware's authors have invested a lot into making their tool cross-platform, and that, as part of an ongoing campaign, both Android and macOS are now being targeted, in addition to Windows.

The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time. Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.

GravityRAT, a malware strain known for checking the CPU temperature of Windows computers to detect virtual machines or sandboxes, is now multi-platform spyware as it can now also be used to infect Android and macOS devices. While the malware authors previously focused their efforts on targeting Windows machines, a sample discovered by Kaspersky researchers last year shows that they are now adding macOS and Android support.

Apple on Thursday informed customers that it patched a total of four vulnerabilities across macOS Catalina, High Sierra and Mojave. Apple says exploitation of the flaw, which involves the processing of a malicious USD file, could lead to arbitrary code execution or a DoS condition.

A recently identified adware campaign targeting macOS users is leveraging malicious code that has received Apple's approval. The approval, or notarization, as Apple calls it, is an automated process through which software is scanned before reaching macOS users, to ensure that it does not include malicious code.

Shlayer adware creators have found a way to get their malicious payload notarized by Apple, allowing it to bypass anti-malware checks performed by macOS before installing any software. The first known instance of notarized macOS malware was discovered last week, by a college student who noticed that people who want to download Homebrew and make the mistake of entering the wrong URL are getting served with a warning saying their Adobe Flash Player is out of date and offering an update for download. Security researcher Patrick Wardle analyzed the served package and confirmed that it is not an update, but a notarized version of the macOS Shlayer adware, which doesn't get detected as malicious by Gatekeeper.

A new "Zero-click" MacOS exploit chain could allow attackers to deliver malware to MacOS users using a Microsoft Office document with macros. The exploit chain, revealed by Patrick Wardle, principal security researcher with Jamf, at Black Hat USA 2020, runs macros without an alert or prompt from the Microsoft Office application that prompts explicit user approval - meaning that when a user opens the document, the macro is automatically executed.

A researcher found a way to deliver malware to macOS systems using a Microsoft Office document containing macro code. Macros enable Office users to automate frequent tasks using VBA code.

Acunetix is now available on macOS. Customers can now harness the full power of Acunetix using their operating system of choice - Windows, Linux, macOS, or the cloud. Acunetix pioneered dynamic application security testing, was the first business-class web application security scanner on Linux, and is now the first on macOS as well.

Apple has released a fresh batch of software security updates for its flagship devices. For iOS and iPadOS the 13.6 update includes fixes for 29 CVE-listed vulnerabilities, 10 involving arbitrary code execution.