#MacSecurity – Xynik

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

November 20, 2024 by Xynik

November 20, 2024 at 12:18AM Apple has released security updates for multiple operating systems to fix two actively exploited zero-day vulnerabilities: CVE-2024-44308, allowing arbitrary code execution, and CVE-2024-44309, enabling cross-site scripting (XSS) attacks. Users are urged to update their devices promptly to mitigate security risks. **Meeting Takeaways: November 20, 2024 – Security Updates on Zero-Day … Read more

Apple fixes two zero-days used in attacks on Intel-based Macs

November 19, 2024 by Xynik

November 19, 2024 at 04:57PM Apple issued emergency security updates to address two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. The updates aim to enhance security and protect users from potential threats. **Meeting Takeaways:** 1. Apple has released emergency security updates. 2. The updates address two zero-day vulnerabilities. 3. The vulnerabilities … Read more

Using 1Password on Mac? Patch up if you don’t want your Vaults raided

August 8, 2024 by Xynik

August 8, 2024 at 09:49AM 1Password for Mac versions prior to 8.10.36 are susceptible to a bug allowing attackers to steal vault items. 1Password Vaults securely manage passwords for various accounts, with the ability to be shared. Around 150,000 businesses and numerous individual consumers rely on 1Password. To address the vulnerability, users must update to … Read more

MacOS info-stealers quickly evolve to evade XProtect detection

January 16, 2024 by Xynik

January 16, 2024 at 04:34PM The macOS platform faces persistent challenges with information stealers evading detection, as highlighted in a report by SentinelOne that presents three malware examples circumventing XProtect. KeySteal, Atomic Stealer, and CherryPie showcase the ability of malware to evolve and avoid detection, emphasizing the need for advanced security measures beyond static detection. … Read more

New proxy malware targets Mac users through pirated software

December 3, 2023 by Xynik

December 3, 2023 at 04:11PM Cybercriminals are distributing a proxy trojan via trojanized macOS software on warez sites. The malware, which converts infected Macs into proxies for illegal activities, is disguised in pirated applications and utilizes PKG installer files that execute malicious scripts with admin rights. Kaspersky’s investigation revealed the multi-platform campaign and the malware’s … Read more

It’s Cheap to Exploit Software — and That’s a Major Security Problem

November 1, 2023 by Xynik

November 1, 2023 at 10:09AM The cost to hack an iPhone ranges from $0 to $65,000 depending on security updates. Exploiting an individual’s iPhone can cost up to $8 million. Apple’s investment in hardening the iPhone has contributed to the higher cost compared to exploiting software like Adobe Acrobat. Big tech companies have spent significant … Read more

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones

October 26, 2023 by Xynik

October 26, 2023 at 12:21PM Researchers have discovered a new side-channel attack called iLeakage that exploits Safari to extract sensitive information from Macs and iPhones. The attack requires the user to be lured to a malicious website, which then automatically opens the targeted site. The researchers demonstrated how it can steal passwords, Instagram credentials, email … Read more