macOS Archives - Page 2 of 5 - Cyber Security Minute

Experts found components of a complex toolkit employed in macOS attacks

Issued by: Security Affairs

Bitdefender researchers discovered a set of malicious files with backdoor capabilities that are suspected to be part of a sophisticated toolkit designed to target Apple macOS systems. The investigation is still ongoing, the experts pointed out that the samples are still largely undetected. The researchers analyzed a total of four samples that were uploaded to…

Malware & Threats

Supply chain blunder puts 3CX telephone app users at risk

Issued by: Naked Security

Internet telephony company 3CX is warning its customers of malware that was apparently weaseled into the company’s own 3CX Desktop App by cybercriminals who seem to have acquired access to one or more of 3CX’s source code repositories. As you can imagine, given that the company is scrambling not only to figure out what happened,…

Malware & Threats

New ‘Alchimist’ Attack Framework Targets Windows, Linux, macOS

Issued by: Security Week

Dubbed Alchimist and already used in the wild, the attack framework is implemented in GoLang, the same as the Insekt RAT that it implants on compromised systems. The attack framework provides a web interface written in simplified Chinese that allows operators to generate and deploy malicious payloads, establish remote connections, execute code on the compromised…

Malware & Threats

North Korean Hackers Use Fake Job Offers to Deliver New macOS Malware

Issued by: Security Week

Believed to be backed by the North Korean government, Lazarus has been active since at least 2009, orchestrating various high-profile attacks, including numerous assaults on cryptocurrency entities. Also referred to as Hidden Cobra, Lazarus is believed to comprise multiple subgroups, the activities of which often overlap, the same as their tools. Over the past couple…

Malware & Threats

Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware

Issued by: Security Week

Also referred to as APT27, Bronze Union, Emissary Panda, Lucky Mouse, and TG-3390 (Threat Group 3390), Iron Tiger has been active since at least 2010, targeting hundreds of organizations worldwide for cyberespionage purposes. As part of recent attacks, the advanced persistent threat (APT) group abused the compromised servers of MiMi – an instant messaging application…

Malware & Threats

MacOS Bug Could Let Malicious Code Break Out of Application Sandbox

Issued by: Dark Reading

Microsoft has revealed a now-fixed flaw in Apple’s macOS that allowed specific kinds of code to bypass the operating system’s App Sandbox restrictions on third-party applications, potentially allowing attackers to escalate device privileges and install additional malicious payloads. Microsoft shares credit for the find (CVE-2022-26706) with researcher Arsenii Kostromin, the company said in its announcement,…

Vulnerabilities

Known macOS Vulnerabilities Led Researcher to Root Out New Flaws

Issued by: Dark Reading

Sometimes all it takes to root out a new software vulnerability is to study and analyze previous bug reports. That’s how researcher Csaba Fitzl says he sniffed out some new Apple macOS vulnerabilities, one of which was a mirror image of a logic flaw that a group of researchers competing in the 2020 Pwn2Own contest…

Vulnerabilities

Apple fixes actively exploited iOS, macOS zero-day (CVE-2022-22620)

Issued by: Help Net Security

Another month, another zero-day (CVE-2022-22620) exploited in the wild that has been fixed by Apple. About CVE-2022-22620 CVE-2022-22620 is a use after free issue in WebKit, the browser engine used in Safari and all iOS web browsers. Apple fixed it in iOS 15.3.1 and iPadOS 15.3.1, macOS Monterey 12.2.1, and Safari 15.3. “Processing maliciously crafted…

Vulnerabilities

Mac Malware-Dropping Adware Gets More Dangerous

Issued by: Dark Reading

The latest version of a Mac Trojan called UpdateAgent, aka WizardUpdate, provides fresh evidence of the growing effort that some threat actors are putting into targeting Apple technologies. The malware, which impersonates legitimate software, such as support agents and video software, first surfaced in September 2020. It is commonly distributed via drive-by downloads or pop-ups…

Vulnerabilities

Shrootless: macOS Vulnerability Found by Microsoft Allows Rootkit Installation

Issued by: Security Week

Tracked as CVE-2021-30892 and named “Shrootless” by Microsoft, the vulnerability exists in the method used to install Apple-signed packages with post-install scripts. To successfully exploit the vulnerability, an attacker needs to create a specially crafted file that would allow them to hijack the installation process of said packages. Apple introduced SIP in macOS Yosemite to…