Tag: macOS
-
New PondRAT Malware Hidden in Python Packages Targets Software Developers
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign.PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT (aka SIMPLESEA), a known macOS backdoor…
-
macOS 15: Probleme mit Sicherheitssoftware bekannter Hersteller
Tags: macOSNach Installation von macOS 15 Sequoia kann es zu Problemen mit Enterprise-Security-Apps kommen. Grund sind offenbar Änderungen im Netzwerk-Stack. First seen on heise.de Jump to article: www.heise.de/news/macOS-15-Probleme-mit-Sicherheitssoftware-bekannter-Hersteller-9939358.html
-
Sequoia update for macOS ‘broke’ popular security tools
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/sequoia-update-for-macos-broke-popular-security-tools
-
Apple’s macOS Sequoia Update Breaks Security Tools
Apple’s macOS Sequoia update is causing major compatibility issues with popular security tools. Reportedly, users are facing disruptions… First seen on hackread.com Jump to article: hackread.com/apples-macos-sequoia-update-breaks-security-tools/
-
Iranian Hackers Tried to Give Hacked Trump Campaign Emails to Dems
Plus: The FBI dismantles the largest-ever China-backed botnet, the DOJ charges two men with a $243 million crypto theft, Apple’s MacOS Sequoia breaks cybersecurity tools, and more. First seen on wired.com Jump to article: www.wired.com/story/iran-hackers-trump-democrats-emails/
-
Delay Upgrading to macOS Sequoia, Security Experts Recommend
Not Yet Compatible: Many Third-Party Endpoint Security, Authentication, VPN Tools. Multiple makers of third-party Apple security tools, including CrowdStrike and SentinelOne, are warning users not to upgrade to the new macOS 15 Sequoia, pending needed OS bug fixes. Users have also reported seeing problems with third-party VPNs crashing and single sign-on tools failing. First seen…
-
macOS Sequoia change breaks networking for VPN, antivirus software
Users of macOS 15 ‘Sequoia’ are reporting network connection errors when using certain endpoint detection and response (EDR) or virtual private network (VPN) solutions, and web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/apple/macos-sequoia-change-breaks-networking-for-vpn-antivirus-software/
-
Google Now Syncing Passkeys Across Desktop, Android Devices
Users can now save passkeys to Google Password Manager on computers running Windows, macOS, and Linux, in addition to Android devices. The post Google Now Syncing Passkeys Across Desktop, Android Devices appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-now-syncing-passkeys-across-desktop-android-devices/
-
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices.”This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can’t be accessed by anyone, not even Google,” Chrome product manager Chirag Desai said.The PIN is…
-
Upgrade nicht empfohlen: MacOS 15 Sequoia liefert allerhand Netzwerkprobleme
Nicht nur Security-Tools von Crowdstrike, Sentinelone und Microsoft machen unter MacOS 15 Probleme. Auch die integrierte Firewall blockiert mehr als erwartet. First seen on golem.de Jump to article: www.golem.de/news/upgrade-nicht-empfohlen-macos-15-sequoia-liefert-allerhand-netzwerkprobleme-2409-189141.html
-
North Korean Hackers Gleaming Pisces Poisoned Python Packages Target Linux macOS
Unit 42 researchers have uncovered a new cyberattack campaign by the North Korean-affiliated APT group, Gleaming Pisces, targeting Linux and macOS systems via poisoned Python packages. The campaign involves the... First seen on securityonline.info Jump to article: securityonline.info/north-korean-hackers-gleaming-pisces-poisoned-python-packages-target-linux-macos/
-
Apple’s new macOS Sequoia update is breaking some cybersecurity tools
On Monday, Apple released its latest computer operating system update called macOS 15, or Sequoia. And, somehow, the software update has broken the functionality of several security tools made by CrowdStrike, SentinelOne, Microsoft, and others, according to posts on social media, as well as messages posted in a Mac-focused Slack channel. At this point, it’s…
-
Apple’s new macOS Sequoia update breaks cybersecurity tools, experts say
On Monday, Apple released its latest computer operating system update called macOS 15, or Sequoia. And, somehow, the software update has broken the functionality of several security tools made by CrowdStrike, SentinelOne, Microsoft, and others, according to posts on social media, as well as messages posted in a Mac-focused Slack channel. At this point, it’s…
-
Google rolls out automatic passkey syncing via Password Manager
Passkeys, the digital credentials that let you sign into apps and websites without entering a password, are getting easier to use for Chrome users. Starting today, you can save passkeys to Google Password Manager, Google’s password manager built into Chrome on Windows, macOS, and Linux, so that your passkeys automatically sync across all your signed-in…
-
Google Password Manager now automatically syncs your passkeys
Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-password-manager-now-automatically-syncs-your-passkeys/
-
Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
A researcher bypassed the Calendar sandbox, Gatekeeper, and TCC in a chain attack that allowed for wanton theft of iCloud photos. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/zero-click-rce-bug-macos-calendar-exposes-icloud-data
-
Microsoft rolls out Office LTSC 2024 for Windows and Mac
Microsoft has announced that Office LTSC (Long Term Servicing Channel) 2024, a volume-licensed and perpetual version of Office for Windows and macOS users, is now available for commercial and government customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-office-ltsc-2024-for-windows-and-mac/
-
The Changing Threat Landscape: Infostealers and the MacOS goldmine
First seen on blog.f-secure.com Jump to article: blog.f-secure.com/infostealers-and-macos/
-
New Loki Backdoor Attacking macOS Systems
Cody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018 and evolved into Mythic, a cross-platform framework that addresses the limitations of existing tools. Mythic provides a unified interface for managing agents written in various languages for different platforms, which allows for flexibility and customization, enabling the creation of agents with specific functionalities. Currently,…
-
Multiple flaws in Microsoft macOS apps unpatched despite potential risks
First seen on theregister.com Jump to article: www.theregister.com/2024/08/19/cisco_talos_microsoft_macos/
-
Adobe Patch Tuesday security updates fixed multiple critical issues in the company’s products
Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multiple vulnerabilities in its products, including critical flaws that could allow attackers to execute arbitrary code on Windows and macOS systems. The most severe vulnerabilities are two critical memory…
-
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access se… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html
-
Adobe Security Update, Multiple Vulnerabilities Patched
Adobe has issued a crucial security update for its Acrobat and Reader software on Windows and macOS platforms. This update, identified as APSB24-70, addresses multiple vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update was published on September 10, 2024, and carries a priority rating of 3, indicating the importance…
-
How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions
An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft’s applications to gain their entitlements and user-gr… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/how-multiple-vulnerabilities-in-microsoft-apps-for-macos-pave-the-way-to-stealing-permissions/
-
Adobe Patches Critical, Code Execution Flaws in Multiple Products
Patch Tuesday: Adobe releases patches for 28 security vulnerabilities and warned of code execution risks on Windows and macOS platforms. The post Adobe Patches Critical, Code Execution Flaws in Multiple Products appeared first on SecurityWeek. Source: www.securityweek.com/adobe-patches-critical-code-execution-flaws-in-multiple-products/ comments: 0
-
Infostealer AMOS will Cookies, Passwörter und Autofills von macOS
Seit Langem hält sich der Glaube, dass das macOS-Betriebssystem weniger anfällig für Schadsoftware ist als Windows. Das mag an der geringeren Marktdominanz liegen und verschiedenen eigenen Sicherheitsfeatures, die von den Malware-Entwicklern andere Ansätze verlangen. Man ging davon aus, dass hier nur unkonventionelle Attacken und Schadsoftware eine Chance hätten. Diese Annahme ist nun endlich passé. Mainstream-Schadsoftware…
-
Sophos analysiert Infostealer AMOS: Neue Bedrohung für macOS-Nutzer
Um sich vor Infostealern wie AMOS zu schützen, sollten Nutzer ausschließlich Software von seriösen Quellen installieren und besonders vorsichtig mit Pop-ups umgehen, die nach Passwörtern oder erweiterten Rechten fragen. Source: www.infopoint-security.de/sophos-analysiert-infostealer-amos-neue-bedrohung-fuer-macos-nutzer/a38249/ comments: 0
-
Cthulhu Stealer asService-Angriffe auf macOS
First seen on security-insider.de Jump to article: www.security-insider.de/cthulhu-stealer-malware-as-service-macos-a-1963cc9bbf6f631ff993091d99b1c1fc/
-
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT.The artifacts alm… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/macos-version-of-hz-rat-backdoor.html
-
Vulnerabilities in Microsoft apps for macOS allow stealing permissions
Vulnerabilities in Microsoft apps for macOS could allow attackers to steal permissions and access sensitive data. Cisco Talos researchers discovered e… First seen on securityaffairs.com Jump to article: securityaffairs.com/167973/hacking/microsoft-apps-for-macos-flaws.html