New RustyAttr Malware Targets macOS Through Extended Attribute Abuse

November 14, 2024 at 04:57AM A new malware, RustyAttr, has been linked to the North Korean Lazarus Group, utilizing macOS file extended attributes to execute attacks. Disguised as legitimate applications, it uses distractions like error messages and fake PDFs. Protection remains effective on macOS systems, but social engineering may still be needed to bypass safeguards. …

North Korean Hackers Target macOS Users with Fake Crypto PDFs 

November 7, 2024 at 01:16PM North Korean cryptocurrency hackers have been targeting macOS users by using deceptive PDF applications, backdoors, and innovative persistence techniques to infiltrate systems.

### Meeting Takeaways:

1. **Threat Overview**: North Korean cryptocurrency thieves are actively targeting macOS users.
2. **Method of Attack**: Attackers are utilizing fake PDF applications to execute their …

North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS

November 7, 2024 at 07:42AM A North Korean threat actor, BlueNoroff, has targeted cryptocurrency businesses using multi-stage malware that infects macOS devices via phishing emails and disguised applications. The campaign, named Hidden Risk, employs social engineering tactics and exploits Apple developer accounts for notarization, illustrating the evolving strategies of North Korean cyber operations.

**Meeting Takeaways: …

About the security content of macOS Sonoma 14.7.1 – Apple Support

October 28, 2024 at 12:06PM Apple has released security updates for macOS Sonoma 14.7.1, addressing numerous vulnerabilities including logic issues, sandbox circumvention, and information disclosure risks. Updates enhance validation, improve checks, and implement additional restrictions to safeguard against potential malware and unauthorized access to sensitive data. Users are encouraged to install the update promptly. …

NotLockBit Ransomware Can Target macOS Devices

October 23, 2024 at 07:57AM A new file-encrypting malware resembling LockBit ransomware has been detected targeting macOS systems, raising concerns for cybersecurity. The threat highlights the evolving landscape of malware that can affect multiple operating systems.

**Meeting Notes Takeaways:**

1. **Malware Identification**: A new file-encrypting malware, referred to as NotLockBit, has been identified.
2. **Target …

Microsoft: macOS Vulnerability Potentially Exploited in Adware Attacks

October 18, 2024 at 08:55AM Microsoft reports that the Adload macOS adware may exploit a privacy bypass vulnerability that was recently fixed in Sequoia 15. This highlights ongoing security concerns related to adware attacks on macOS platforms.

**Meeting Takeaways:**

1. **Adware Concern:** The Adload macOS adware is potentially exploiting a vulnerability related to privacy bypass. …

About the security content of macOS Sonoma 14.5 – Apple Support

October 15, 2024 at 02:15PM The macOS Sonoma 14.5 update addresses multiple security vulnerabilities, including memory handling issues, logic flaws, and improper checks. These vulnerabilities could allow local attackers to cause system crashes, access user data, or execute arbitrary code. Users are advised to update to enhance system security.

### Meeting Notes Takeaways

**Release Details:** …

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products

September 23, 2024 at 10:00AM ESET released patches for high-severity CVE-2024-7400 impacting Windows products, enabling privilege escalation through file deletion. The fix was automatically distributed to customers. The security flaw affected multiple end-user and enterprise products. ESET also addressed medium-severity CVE-2024-6654, which could cause denial-of-service attacks on macOS security tools, with patches for Cyber Security …

Apple’s latest macOS release is breaking security software, network connections

September 22, 2024 at 08:59PM macOS Sequoia (macOS 15) has experienced security software issues on updated Apple systems, causing network connectivity problems and software incompatibility. Microsoft and ESET have posted bulletins addressing networking issues. Apple released the update despite being aware of the reported problems. In other news, Craig Newmark has pledged $100M for cyber …

Citrine Sleet Poisons PyPI Packages with Mac & Linux Malware

September 20, 2024 at 04:21PM The North Korean threat group Gleaming Pisces is suspected of covertly embedding remote access malware into open source Python packages for macOS and Linux, targeting developers. The malware, named PondRAT, executes malicious code to download a trojan. The group’s focus on non-Windows systems reflects its audience: developers. Vigilance against phishing attacks …