New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

August 16, 2024 at 05:27AM Cybersecurity researchers have discovered Banshee Stealer, a new malware targeting Apple macOS systems, being sold for $3,000 a month. It attacks various browsers, cryptocurrency wallets, and around 100 extensions, harvesting data and employing anti-detection measures. This follows the emergence of other macOS and Windows-based stealers, signaling the rise of platform-specific …

Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software

August 7, 2024 at 02:30AM Apple has announced updates to its macOS, making it more challenging for users to override Gatekeeper protections. These changes are part of the upcoming macOS Sequoia, tightening user approval mechanisms to prevent unauthorized software from running, countering malware and backdoors targeting macOS. This move aims to enhance security and protect …

Homebrew Security Audit Finds 25 Vulnerabilities

August 1, 2024 at 08:06AM A security audit sponsored by the Open Tech Fund in August 2023 found 25 security defects in Homebrew, a popular package manager for macOS and Linux. The vulnerabilities allowed for code execution, privilege escalation, and secrets exfiltration. Trail of Bits notes the lack of explicit security documentation and the informal …

Revolver Rabbit gang registers 500,000 domains for malware campaigns

July 18, 2024 at 05:34PM Cybercriminal group Revolver Rabbit has registered over 500,000 domain names using a secret method called RDGAs to execute infostealer campaigns targeting Windows and macOS systems. Security researchers at Infoblox discovered this large-scale operation, estimating over $1 million in registration fees. The domains use a consistent pattern for easy readability and …

DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls

July 17, 2024 at 03:12PM North Korean state-sponsored hackers have targeted macOS users with a new variant of BeaverTail malware, posing as a fake job interview to trick victims into downloading a malicious version of MiroTalk. Cybersecurity researcher Patrick Wardle uncovered the campaign, highlighting the hackers’ use of social engineering tactics and the execution of …

Adobe Plugs Code Execution Holes in After Effects, Illustrator

June 11, 2024 at 02:36PM Adobe has released fixes for critical vulnerabilities, addressing the risk of code execution attacks on Windows and macOS platforms. The vulnerabilities were identified in After Effects and Illustrator. This highlights the importance of applying patches promptly to mitigate potential security threats.

LightSpy Spyware’s macOS Variant Found with Advanced Surveillance Capabilities

June 7, 2024 at 12:06PM Cybersecurity researchers have discovered that the LightSpy spyware targeting Apple iOS users is actually an undocumented macOS variant, capable of infecting various platforms and devices. The macOS version has been active since January 2024, with capabilities to harvest various types of information and intercept communications. The ongoing development sheds light …

Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS

May 13, 2024 at 04:03PM Apple has identified a zero-day flaw in older iPhones being exploited and has also documented security issues in macOS, iOS, and iPadOS. This has prompted the release of patches to address the vulnerabilities across Apple’s product range.

New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

May 6, 2024 at 04:39AM Cybersecurity researchers have discovered a new information stealer, Cuckoo by Kandji, targeting Apple macOS systems. It is capable of running on both Intel- and Arm-based Macs and establishes persistence by utilizing a LaunchAgent. The malware gathers extensive information from the system and tricks users into entering their passwords. It also …

DPRK Exploits 2 New MITRE Techniques: Phantom DLL Hijacking, TCC Abuse

April 11, 2024 at 04:09PM MITRE is adding two new techniques to its ATT&CK database due to exploits by North Korean threat actors. One technique involves TCC manipulation on Apple’s macOS, enabling privileged access for espionage. The other technique, phantom DLL hijacking on Windows, involves exploiting nonexistent DLL files. Both have been used by North …