Security News

Apple has emitted a bundle of security fixes ranging across its product lines. For the flagship iOS, the 13.4 update includes fixes for 30 security holes.

On the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for demonstrating exploits targeting Windows 10, Ubuntu Desktop and macOS. Pwn2Own typically takes place at the CanSecWest cybersecurity conference in Vancouver, Canada, and participants have to attend in person. On the first day of Pwn2Own 2020, a team from the Georgia Tech Systems Software & Security Lab successfully executed code on macOS through Safari.

Microsoft has released PowerShell 7, the latest major update to its popular task automation tool and configuration management framework that can be used on various operating systems. PowerShell was initially a Windows component, but was open-sourced in 2016 and made available for Windows, macOS and various Linux distributions.

SAN FRANCISCO - Advanced persistent threat groups are hitting Apple devices with malware that has been reverse engineered and redeployed for malicious acts. Despite these threats, Wardle said that when it comes to security, Apple's moving in a "Positive" direction, adding more malware mitigation or security features into their operating system.

Joe Vennix of Apple security has found another significant vulnerability in sudo utility that under a specific configuration could allow low privileged users or malicious programs to execute arbitrary commands with administrative privileges on Linux or macOS systems. Sudo has been designed to let users run apps or commands with the privileges of a different user without switching environments.

Apple this week released software updates to address tens of security flaws in iOS, iPadOS, macOS Catalina, and other products. A total of 23 vulnerabilities were addressed in iOS 13.3.1 and iPadOS 13.3.1, now rolling out for iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation.

Malware hunters are sounding the alarm over a new, more effective version of the North Korean "Apple Jeus" macOS software nasty. "To attack macOS users, the Lazarus group has developed homemade macOS malware, and added an authentication mechanism to deliver the next stage payload very carefully, as well as loading the next-stage payload without touching the disk."

If you have a reason to log in to your macOS machine, from a remote machine on your network, why not enable the SSH daemon.

Security updates released by Apple this week address numerous vulnerabilities in macOS Catalina, iOS and iPadOS, Safari, and other software products. read more

MDS 2.0 helps admins modernize their workflow and deploy Apple hardware and software. Also, this Mac deployment utility is free.