Tag: macOS
-
Steam cuts the cord for legacy Windows and macOS
by
in SecurityNewsDon’t say you weren’t warned First seen on theregister.com Jump to article: www.theregister.com/2024/11/20/valve_steam_legacy_os/
-
macOS WorkflowKit Race Vulnerability Allows Malicious Apps to Intercept Shortcuts
by
in SecurityNewsA race condition vulnerability in Apple’s WorkflowKit has been identified, allowing malicious applications to intercept and manipulate shortcuts on macOS systems. This vulnerability, cataloged as CVE-2024-27821, affects the shortcut extraction and generation processes within the WorkflowKit framework, which is integral to the Shortcuts app on macOS Sonoma. macOS WorkflowKit Race Vulnerability The vulnerability arises from…
-
Apple Confirms Zero Day Attacks Hitting macOS Systems
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36616/Apple-Confirms-Zero-Day-Attacks-Hitting-macOS-Systems.html
-
Apple Security Update: Addressing Critical Vulnerabilities in Apple Software
by
in SecurityNewsApple recently rolled out a security update that addresses critical vulnerabilities in multiple Apple devices. Released on November 19, the Apple security update impacts various platforms, including iOS, iPadOS, macOS, visionOS, and Safari, and is aimed at protecting users from increasingly sophisticated cyber threats. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apple-security-update-nov-2024/
-
MacOS-Nutzer attackiert: Apple patcht aktiv ausgenutzte Sicherheitslücken
by
in SecurityNewsApple hat bestätigt, dass Angriffe auf Intel-basierte Macs beobachtet wurden. iOS, iPadOS, VisionOS und Safari scheinen aber ebenso anfällig zu sein. First seen on golem.de Jump to article: www.golem.de/news/macos-nutzer-attackiert-apple-patcht-aktiv-ausgenutzte-sicherheitsluecken-2411-190959.html
-
Apple addressed two actively exploited zero-day vulnerabilities
by
in SecurityNewsApple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilities, tracked as CVE-2024-44309 and CVE-2024-44308, in iOS, iPadOS, macOS, visionOS, and Safari web browser, which are actively exploited in the wild. The vulnerability CVE-2024-44309 is a cookie management issue…
-
Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)
by
in SecurityNewsApple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that >>may have been actively … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/20/cve-2024-44309-cve-2024-44308/
-
WebKit-Exploit: Apple aktualisiert iOS, iPadOS, visionOS, macOS 15 und Safari
by
in SecurityNewsApple schiebt iOS 18.1.1, macOS 15.1.1 und visionOS 2.1.1 nach, um aktiv ausgenutzte Exploits zu stoppen. Nutzer sollten am besten schnell aktualisieren. First seen on heise.de Jump to article: www.heise.de/news/WebKit-Exploit-Apple-aktualisiert-iOS-iPadOS-visionOS-macOS-15-und-Safari-10072858.html
-
Apple Notfall-Sicherheitsupdate: Intel-basierte Mac-Systeme in Gefahr
by
in SecurityNewsApple schließt kritische Sicherheitslücken in macOS mit Notfall-Sicherheitsupdates. Jetzt handeln und vor Zero-Day-Angriffen schützen! First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/apple-notfall-sicherheitsupdate-intel-basierte-mac-systeme-in-gefahr-304500.html
-
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
by
in SecurityNewsApple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild.The flaws are listed below -CVE-2024-44308 – A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web contentCVE-2024-44309 – A cookie management…
-
macOS-Schwachstelle umgeht Datenschutzkontrollen im Safari-Browser
by
in SecurityNewsFirst seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/macos-schwachstelle-umgeht-datenschutzkontrollen-im-safari-browser-302991.html
-
Apple Confirms Zero-Day Attacks Hitting macOS Systems
by
in SecurityNewsApple rushes out out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild. The post Apple Confirms Zero-Day Attacks Hitting macOS Systems appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
-
Apple Confirms Zero-Day Attacks Hitting Intel-based Macs
by
in SecurityNewsApple rushes out out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild. The post Apple Confirms Zero-Day Attacks Hitting Intel-based Macs appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
-
Lumma Stealer statt KI-App: Malware befällt Windows und macOS
Vorsicht vor falschen KI-Tools wie EditProAI: Lumma Stealer bedroht Windows und macOS. So erkennt und vermeidet ihr die gut getarnte Malware. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/lumma-stealer-statt-ki-app-malware-befaellt-windows-und-macos-304346.html
-
Fake AI video generators infect Windows, macOS with infostealers
by
in SecurityNewsFake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-ai-video-generators-infect-windows-macos-with-infostealers/
-
Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist
Plus: An “AI granny” is wasting scammers’ time, a lawsuit goes after spyware-maker NSO Group’s executives, and North Korealinked hackers take a crack at macOS malware. First seen on wired.com Jump to article: www.wired.com/story/bitfinex-hacker-gets-5-years-for-10-billion-bitcoin-heist/
-
macOS HM Surf vuln might already be under exploit by major malware family
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/21/microsoft_macos_hm_surf/
-
North Korea’s Lazarus observed testing new macOS trojan in the wild
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/north-koreans-lazarus-observed-testing-new-macos-trojan-in-the-wild
-
MacOS 15.1: Apple patcht Drittanbieter-Firewalls kaputt
by
in SecurityNewsWer unter MacOS 15.1 Drittanbieter-Firewalls wie Little Snitch verwendet, könnte auf Probleme stoßen. Filterregeln bleiben je nach Konfiguration wirkungslos. First seen on golem.de Jump to article: www.golem.de/news/macos-15-1-apple-patcht-drittanbieter-firewalls-kaputt-2411-190821.html
-
North Korean’s Lazarus observed testing new macOS trojan in the wild
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/lazarus-observed-testing-new-macos-trojan-in-the-wild
-
Hackers use macOS extended file attributes to hide malicious code
by
in SecurityNewsHackers are using a novel technique that abuses extended attributes for macOS files to deliver a new trojan that researchers call RustyAttr. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-use-macos-extended-file-attributes-to-hide-malicious-code/
-
Lazarus Group Targets macOS with RustyAttr Trojan in Fake Job PDFs
Group-IB has uncovered Lazarus group’s stealthy new trojan and technique of hiding malicious code in extended attributes on… First seen on hackread.com Jump to article: hackread.com/lazarus-group-macos-rustyattr-trojan-fake-job-pdfs/
-
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
by
in SecurityNewsThreat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr.The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including First seen…
-
APT-Akteure betten Malware in macOS-Flutter-Anwendungen ein
by
in SecurityNewsFlutter ist ein App-Entwickler-Kit von Google für einheitliche, plattformübergreifende Anwendungen. Apps, die mit Flutter erstellt wurden, verfügen über ein App-Layout, das den Code weitgehend verschleiert. Zudem erschwert die Komplexität der Flutter-Architektur die Analyse und Erkennung von Malware erhe First seen on infopoint-security.de Jump to article: www.infopoint-security.de/apt-akteure-betten-malware-in-macos-flutter-anwendungen-ein/a38950/
-
RustyAttr Trojan: Lazarus Group’s New macOS Malware Evades Antivirus with Ease
by
in SecurityNewsResearchers at Group-IB have discovered a new stealth technique employed by the North Korean APT group Lazarus, targeting macOS systems through a unique code-smuggling method. Known for its sophisticated cyber-espionage... First seen on securityonline.info Jump to article: securityonline.info/rustyattr-trojan-lazarus-groups-new-macos-malware-evades-antivirus-with-ease/
-
Lazarus Group Uses Extended Attributes for Code Smuggling in macOS
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lazarus-extended-attributes-macos/
-
Sicherheitsupdates: Zoom Room Client & Co. angreifbar
by
in SecurityNewsDie Entwickler rüsten verschiedene Zoom-Apps gegen mögliche Angriffe. Davon sind unter anderem macOS und Windows betroffen. First seen on heise.de Jump to article: www.heise.de/news/Sicherheitsupdates-Zoom-Room-Client-Co-angreifbar-10031648.html
-
North Korean hackers create Flutter apps to bypass macOS security
by
in SecurityNewsNorth Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by legitimate Apple developer IDs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-create-flutter-apps-to-bypass-macos-security/
-
North Korean-linked hackers were caught experimenting with new macOS malware
by
in SecurityNewsResearchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild. First seen on cyberscoop.com Jump to article: cyberscoop.com/north-korea-macos-malware-flutter-jamf/
-
North Korean Hackers Target macOS Using Flutter-Embedded Malware
by
in SecurityNewsThreat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices.Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier…