Tag: macOS
-
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process. “Targets are typically asked to communicate with an interviewer through a link that throws an error message and a request to install or update some…
-
N. Korean ‘FlexibleFerret’ Malware Hits macOS with Fake Zoom, Job Scams
N. Korean ‘FlexibleFerret’ malware targets macOS with fake Zoom apps, job scams, and bug report comments, deceiving users… First seen on hackread.com Jump to article: hackread.com/north-korea-flexibleferret-malware-macos-fake-zoom-job-scams/
-
FlexibleFerret Malware Attacking macOS Users, Evading XProtect Detections
A new macOS malware variant, dubbed “FlexibleFerret,
-
Microsoft Sets End Date for Defender VPN
Though Windows, iOS, and macOS users won’t need to make any changes, Android users are advised to remove their Defender VPN profiles. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/microsoft-sets-end-date-for-defender-vpn
-
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer (aka AMOS), and Angel Drainer. “Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy…
-
SparkRAT: A Persistent Cross-Platform Cyber Threat Targeting macOS and Beyond
Since its initial release on GitHub in 2022 by user XZB-1248, SparkRAT has evolved into a widely used First seen on securityonline.info Jump to article: securityonline.info/sparkrat-a-persistent-cross-platform-cyber-threat-targeting-macos-and-beyond/
-
Hackers Attacking Windows, macOS, and Linux systems With SparkRAT
Researchers have uncovered new developments in SparkRAT operations, shedding light on its persistent use in malicious campaigns targeting macOS users and government organizations. The findings, detailed in a recent report, underscore the evolving tactics of threat actors leveraging SparkRAT’s modular framework and cross-platform capabilities across Windows, macOS, and Linux. SparkRAT’s Communication Originally released on GitHub…
-
Apple Security Update Patch for iOS Zero-day, MacOS More
Apple has responded to a newly discovered zero-day vulnerability affecting its operating systems by releasing an array of security updates to protect users from potential exploitation. The updates span iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and Safari, demonstrating Apple’s commitment to user security and privacy. Patch Details The updates, released on January 27, 2025, include…
-
Homebrew macOS Users Targeted With Information Stealer Malware
A malicious campaign has been redirecting macOS users to a fake Homebrew website, infecting them with information stealer malware. The post Homebrew macOS Users Targeted With Information Stealer Malware appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/homebrew-macos-users-targeted-with-information-stealer-malware/
-
Fake Homebrew site leverages Google ads to target macOS, Linux devices
First seen on scworld.com Jump to article: www.scworld.com/news/fake-homebrew-site-leverages-google-ads-to-target-macos-linux-devices
-
New Threat for macOS: AmosStealer Wants Your Crypto Wallets
The dangerous AmosStealer malware is attacking Mac users: protect passwords and crypto wallets from theft now! First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/neue-bedrohung-fuer-macos-amosstealer-will-eure-krypto-wallets-308494.html
-
Yubico Warns of 2FA Security Flaw in pam-u2f for Linux and macOS Users
Tags: 2fa, advisory, authentication, cve, fido, flaw, linux, macOS, mfa, open-source, risk, software, threat, vulnerability
Yubico has released a security advisory, YSA-2025-01, which highlighted a vulnerability within the software module that supports two-factor authentication (2FA) for Linux and macOS platforms. This issue, tracked as CVE-2025-23013, allows for a partial bypass of 2FA protections when using YubiKeys or other FIDO-compatible authenticators. The vulnerability poses a high-risk security threat and could potentially compromise…
-
CVE-2024-44243 macOS flaw allows persistent malware installation
Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root
-
Microsoft Discovers macOS Flaw CVE-2024-44243, Bypassing SIP
CVE-2024-44243, a critical macOS vulnerability discovered recently by Microsoft, can allow attackers to bypass Apple’s System Integrity Protection… First seen on hackread.com Jump to article: hackread.com/microsoft-macos-flaw-cve-2024-44243-bypassing-sip/
-
Apple Bug Allows Root Protections Bypass Without Physical Access
Emergent macOS vulnerability lets adversaries circumvent Apple’s System Integrity Protection (SIP) by loading third-party kernels. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-bug-root-protections-bypass-physical-access
-
Apple Patches Flaw That Allows Kernel Security Bypassing
Microsoft Uncovered Flaw That Affects macOS System Integrity Protection Feature. Apple patched a vulnerability that allows hackers to bypass a key security feature in macOS through third-party kernel extensions. Microsoft researchers uncovered the flaw tracked as CVE-2024-44243. The flaw could enable hackers to install rootkits and create malware with privileged access. First seen on…
-
New bug lets attackers bypass macOS system integrity protection
Tags: macOS
First seen on scworld.com Jump to article: www.scworld.com/news/new-bug-lets-attackers-bypass-macos-system-integrity-protection
-
Malicious kernel driver deployment possible via macOS vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-kernel-driver-deployment-possible-via-macos-vulnerability
-
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug First…
-
macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/
-
Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could be exploited to load third-party kernel extensions, resulting in severe security implications for macOS users. Apple released a patch for this vulnerability as part of its December 11, 2024, security…
-
Application Blocked: macOS Classifies Docker Desktop as Malware
Some Docker Desktop files for macOS were signed incorrectly, so users receive a malware warning. There is no real danger. First seen on golem.de Jump to article: www.golem.de/news/anwendung-blockiert-docker-desktop-unter-macos-als-malware-eingestuft-2501-192366.html
-
PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)
A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498. This vulnerability poses a significant security risk by allowing malicious applications to bypass the macOS Sandbox, a key security feature designed to isolate app activity and protect sensitive system resources. Details of CVE-2024-54498 The vulnerability, classified as high severity with…
-
New and Improved Version of the Banshee Stealer Targets macOS Users
Check Point Software Technologies warns of a new and improved version of the Banshee stealer. It targets macOS users, which means that more than 100 million users are at risk. Banshee appeared in mid-2024 as a stealer-as-a-service, offered on a rental model for 3,000 US dollars. From September, the malware even used the string encryption feature from Apple's own XProtect program,…
-
New Banshee Stealer variant continues attacks on macOS devices
First seen on scworld.com Jump to article: www.scworld.com/news/new-banshee-stealer-variant-continues-attacks-on-macos-devices
-
Banshee macOS stealer supports new evasion mechanisms
Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masquerading as popular software. In August 2024, Russian crooks advertised a macOS malware called…
-
Docker Desktop blocked on Macs due to false malware alert
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/
-
Banshee macOS Malware Expands Targeting
The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian language installed. The post Banshee macOS Malware Expands Targeting appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/banshee-macos-malware-expands-target-list/