Security News

Apple's latest macOS release is breaking security software, network connections
2024-09-23 00:50

PLUS: Payer of $75M ransom reportedly identified; Craigslist founder becomes security philanthropist, and more Infosec In Brief Something's wrong with macOS Sequoia, and it's breaking security...

macOS Sequoia change breaks networking for VPN, antivirus software
2024-09-20 15:45

Users of macOS 15 'Sequoia' are reporting network connection errors when using certain endpoint detection and response (EDR) or virtual private network (VPN) solutions, and web browsers. [...]

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access
2024-09-03 04:01

Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating...

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
2024-08-27 16:08

Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of...

New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data
2024-08-23 05:01

Cybersecurity researchers have uncovered a new information stealer that's designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are...

New macOS Malware TodoSwift Linked to North Korean Hacking Groups
2024-08-21 11:00

Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea - specifically the threat actor known as BlueNoroff - such as KANDYKORN and RustBucket," Kandji security researcher Christopher Lopez said in an analysis.

Vulnerabilities in Microsoft macOS apps may give attackers access to microphone, camera
2024-08-20 10:35

Vulnerabilities in popular Microsoft apps for macOS can be abused by attackers to record video and audio clips, take pictures, access and exfiltrate data and send emails, Cisco Talos researchers have discovered. Library injection vulnerabilities in Microsoft apps for macOS. The flaws - CVE-2024-41138, CVE-2024-41145, CVE-2024-41159, CVE-2024-42004, CVE-2024-41165, CVE-2024-43106, CVE-2024-39804 and CVE-2024-42220 - have been found in Microsoft Teams, OneNote, Outlook, Word, Excel and Powerpoint for macOS. They allow attackers to inject specially crafted libraries so they can assume the vulnerable apps' entitlements and the permissions they've been granted by users.

Multiple flaws in Microsoft macOS apps unpatched despite potential risks
2024-08-19 19:01

Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges. For users familiar with macOS, it's what's responsible for requesting your permission to run new apps, and displays prompts when those apps want to access sensitive stores such as contacts, photos, webcams, etc.

Threat Actors Increasingly Target macOS, Report Finds
2024-08-16 17:52

Intel471's new report reveals macOS is increasingly targeted by threat actors, who develop specific malware for the operating system or use cross-platform languages to achieve their goals on macOS computers. More malware than ever on macOS. Between January 2023 and July 2024, the researchers observed more than 40 threat actors targeting macOS systems with different malware types, the most popular being infostealers and trojans.

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems
2024-08-16 08:28

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground...