Security News

New macOS Malware TodoSwift Linked to North Korean Hacking Groups
2024-08-21 11:00

Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea - specifically the threat actor known as BlueNoroff - such as KANDYKORN and RustBucket," Kandji security researcher Christopher Lopez said in an analysis.

Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera
2024-08-20 10:35

Vulnerabilities in popular Microsoft apps for macOS can be abused by attackers to record video and audio clips, take pictures, access and exfiltrate data and send emails, Cisco Talos researchers have discovered. The flaws - CVE-2024-41138, CVE-2024-41145, CVE-2024-41159, CVE-2024-42004, CVE-2024-41165, CVE-2024-43106, CVE-2024-39804 and CVE-2024-42220 - have been found in Microsoft Teams, OneNote, Outlook, Word, Excel and PowerPoint for macOS. They allow attackers to inject specially crafted libraries so they can assume the vulnerable apps' entitlements and the permissions they've been granted by users.

Multiple flaws in Microsoft macOS apps unpatched despite potential risks
2024-08-19 19:01

Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges. For users familiar with macOS, it's what's responsible for requesting your permission to run new apps, and displays prompts when those apps want to access sensitive stores such as contacts, photos, webcams, etc.

Threat Actors Increasingly Target macOS, Report Finds
2024-08-16 17:52

Intel471's new report reveals macOS is increasingly targeted by threat actors, who develop specific malware for the operating system or use cross-platform languages to achieve their goals on macOS computers. Between January 2023 and July 2024, the researchers observed more than 40 threat actors targeting macOS systems with different malware types, the most popular being infostealers and trojans.

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems
2024-08-16 08:28

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground...

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
2024-08-08 13:25

Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks. The critical vulnerability "exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices," Oligo Security researcher Avi Lumelsky said.

macOS Sequoia brings better Gatekeeper, stalkerware protections
2024-08-07 16:59

Apple's macOS Sequoia, now in beta testing, will make it harder to bypass Gatekeeper warnings and add system alerts for potential stalkerware threats. [...]

Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
2024-08-07 06:12

Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial line of defense built into macOS designed to ensure that only trusted apps run on the operating system.

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS
2024-07-31 13:08

The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. DEV#POPPER is the moniker assigned to an active malware campaign that tricks software developers into downloading booby-trapped software hosted on GitHub under the guise of a job interview.

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
2024-07-27 05:47

Cybersecurity researchers have discovered a malicious package on the Python Package Index repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "Lr-utils-lib," attracted a total of 59 downloads before it was taken down.