Tag: macOS
-
NotLockBit Previously Unknown Ransomware Attack Windows macOS
by
in SecurityNewsA new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in the cybersecurity landscape, closely mimicking the behavior and tactics of the notorious LockBit ransomware. NotLockBit notably distinguishes itself by being one of the first ransomware strains designed to effectively attack both macOS and Windows operating systems, showcasing powerful cross-platform capabilities.…
-
Foxit PDF Editor und Reader: Attacken über präparierte PDF-Dateien möglich
by
in SecurityNewsPDF-Anwendungen von Foxit sind unter macOS und Windows verwundbar. Sicherheitsupdates stehen bereit. First seen on heise.de Jump to article: www.heise.de/news/Foxit-PDF-Editor-und-Reader-Attacken-ueber-praeparierte-PDF-Dateien-moeglich-10211267.html
-
Apple stopft schwere Sicherheitslücken, kein Patch für iOS 17
by
in SecurityNewsApples jüngste Updates schließen viele Schwachstellen in iOS, macOS und iPadOS, darunter kritische. Für iOS 17 gibt es wohl keine Patches mehr. First seen on heise.de Jump to article: www.heise.de/news/Apple-stopft-schwere-Sicherheitsluecken-kein-Patch-fuer-iOS-17-10196897.html
-
Apple Pushes Major iOS, macOS Security Updates
by
in SecurityNewsCupertino ships iOS 18.2 and macOS Sequoia 15.2 patches to fix data leakage, sandbox escapes and code exection vulnerabilities. The post Apple Pushes Major iOS, macOS Security Updates appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-pushes-major-ios-macos-security-updates/
-
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure
by
in SecurityNewsAuthor: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…
-
New Meeten Malware Attacking macOS And Windows Users To Steal Logins
by
in SecurityNewsA sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as >>Meetio,
-
EDR-Software ein Kaufratgeber
by
in SecurityNews
Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day -
Moonlock’s 2024 macOS threat report
by
in SecurityNewsFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/moonlocks-2024-macos-threat-report/
-
Windows, macOS users targeted with cryptoinfo-stealing malware
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/06/information-cryptocurrency-stealing-malware-windows-macos/
-
Apple-Passwörter in Chrome, Edge und Firefox nutzen: So geht es unter Windows und macOS
First seen on t3n.de Jump to article: t3n.de/news/apple-passwoerter-chrome-edge-firefox-windows-macos-1661732/
-
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise
by
in SecurityNews
Tags: access, cybersecurity, exploit, flaw, macOS, network, remote-code-execution, tool, vpn, windowsCybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems.”By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels…
-
Apple Safari JavaScriptCore Remote Code Execution Flaw Exploited in the Wild
by
in SecurityNews
Tags: apple, cve, cyber, exploit, flaw, macOS, remote-code-execution, software, threat, vulnerabilityA critical vulnerability identified as CVE-2024-44308 has been actively exploited in the wild, affecting multiple versions of Apple Safari across iOS, visionOS, and macOS platforms. This flaw, located within WebKit’s DFG JIT compiler, poses a significant threat by allowing remote code execution (RCE). Affected Software and Versions Here’s a table summarizing the affected software and…
-
Sophos analysiert Infostealer AMOS: Neue Bedrohung für macOS-Nutzer
by
in SecurityNewsUm sich vor Infostealern wie AMOS zu schützen, sollten Nutzer ausschließlich Software von seriösen Quellen installieren und besonders vorsichtig mit P… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-analysiert-infostealer-amos-neue-bedrohung-fuer-macos-nutzer/a38249/
-
NokNok: Neue Malware hat es auf MacOS abgesehen
by
in SecurityNewsDie Hackergruppe Charming Kitten hat mit NokNok eine neue Malware in Umlauf gebracht, die es auf MacOS abgesehen hat. Statt auf Word-Dateien setzen di… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/noknok-neue-malware-hat-es-auf-macos-abgesehen
-
The Changing Threat Landscape: Infostealers and the MacOS goldmine
by
in SecurityNewsFirst seen on blog.f-secure.com Jump to article: blog.f-secure.com/infostealers-and-macos/
-
iPhone Users Urged to Update to Patch 2 Zero-Days
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack… First seen on threatpost.com Jump to article: threatpost.com/iphone-users-urged-to-update-to-patch-2-zero-days-under-attack/180448/
-
Godot Engine Exploited to Spread Malware on Windows, macOS, Linux
by
in SecurityNewsCheck Point Research has discovered cybercriminals exploiting the popular Godot Game Engine to deliver malicious software. Discover the techniques used by attackers and how to protect yourself from these threats. First seen on hackread.com Jump to article: hackread.com/godot-engine-malware-on-windows-macos-linux/
-
Wie man Videospiel-Engines für Hacking missbraucht
by
in SecurityNewsCheck Point Software Technologies kam einer neuen Hacker-Masche auf die Spur. Mithilfe der Gaming-Engine können Cyberkriminelle verschiedene Betriebssysteme von vernetzten Geräten attackieren, darunter Windows, MacOS, Linux, Android und iOS. Verbreitet wird der schädliche Code von dem Malware-Netzwerk , die Check Point vor einigen Monaten untersucht hatte, über die Open-Source-Plattform Github. In […] First seen on…
-
Popular game script spoofed to infect thousands of game developers
by
in SecurityNewsA malware loader, now named GodLoader, has been observed to be using Godot, a free and open-source game engine, as its runtime to execute malicious codes and has dropped known malware on at least 17,000 machines.Unaware users of the engine, which helps create 2D and 3D games and deploy them across various platforms including Windows,…
-
Source Code Of macOS Banshee Stealer Leaked
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36643/Source-Code-Of-macOS-Banshee-Stealer-Leaked.html
-
Banshee Stealer Quellcode geleakt: macOS-Malware unschädlich gemacht
by
in SecurityNewsCyberkriminelle geben auf: Die Malware Banshee Stealer für MacOS wurde nach Veröffentlichung des Quellcodes aufgegeben. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/banshee-stealer-quellcode-geleakt-macos-malware-unschaedlich-gemacht-304847.html
-
Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection
by
in SecurityNewsThe xattr command in Unix-like systems allows for the embedding of hidden metadata within files, similar to Windows ADS, known as Rustyattr, which is being exploited by threat actors like Lazarus Group to stealthily conceal malicious payloads within seemingly benign files. The Lazarus Group is covertly embedding malicious data within system files using xattr, a…
-
Source Code of $3,000Month macOS Malware ‘Banshee Stealer’ Leaked
by
in AllgemeinThe Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak. The post Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/source-code-of-3000-a-month-macos-malware-banshee-stealer-leaked/
-
The source code of Banshee Stealer leaked online
by
in SecurityNewsBanshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. BANSHEE Stealer supports basic evasion techniques, relies on the sysctl API…
-
Weaponized pen testers are becoming a new hacker staple
by
in SecurityNews
Tags: access, attack, cloud, credentials, defense, google, hacker, iam, intelligence, linux, macOS, malicious, malware, microsoft, open-source, password, penetration-testing, RedTeam, software, strategy, threat, tool, vulnerability, windowsMalicious adaptations of popular red teaming tools like Cobalt Strike and Metasploit are causing substantial disruption, emerging as a dominant strategy in malware campaigns.According to research by threat-hunting firm Elastic, known for its search-powered solutions, these two conventional penetration testing tools were weaponized to account for almost half of all malware activities in 2024.”The most…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 21
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Fake AI video generators infect Windows, macOS with infostealers How Italy became an unexpected spyware hub Babble Babble Babble Babble Babble Babble BabbleLoader One Sock Fits All: The use and abuse of the NSOCKS botnet Helldown…