Credit to Author: Enoch Root| Date: Wed, 07 Sep 2022 20:24:06 +0000
At the DEF CON 30 conference, Patrick Wardle spoke about a new vulnerability in the Zoom client for Apple computers.
Read more
Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 -0700
When Craig Federighi, Apple’s senior vice president of software engineering last year said, “We have a level of malware on the Mac that we don’t find acceptable,” he apparently really meant it. And Apple seems to be doing about something about it.
Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.
Given the Mac’s reputation for security, that may seem counter intuitive, but maintaining a secure platform requires constant watchfulness.
Categories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: CVE-2022-32894 Tags: CVE-2022-32893 Tags: kernel privileges Tags: WebKit Tags: actively exploited Tags: watering hole Tags: exploit kit Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. |
The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.
Read more
Credit to Author: Jonny Evans| Date: Mon, 15 Aug 2022 06:35:00 -0700
Once upon a time, one attack vector for industrial sabotage consisted of exfiltrating data from Macs using a standard-issue USB storage card. Researchers have also shown that it’s possible to hijack computers with malware-infested cables. It’s a jungle out there, so Apple has toughened up (Apple Silicon) Mac protection with USB Restricted Mode.
Beginning with macOS Ventura, the new layer of protection comes in the form of USB Restricted mode, which should provide a little reassurance to enterprise IT and is enabled by default.
Credit to Author: Enoch Root| Date: Mon, 01 Aug 2022 15:41:27 +0000
How Lockdown Mode works on Apple devices, who needs it and why.
Read moreCredit to Author: Bill Cozens| Date: Thu, 14 Jul 2022 14:35:10 +0000
In this post, we break down three endpoint security for Mac best practices to help you prevent phishing attacks, DDoS attacks, and much more.
The post Endpoint security for Mac: 3 best practices appeared first on Malwarebytes Labs.
Read moreCredit to Author: Paul Oliveria| Date: Wed, 13 Jul 2022 16:00:00 +0000
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
The post Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 appeared first on Microsoft Security Blog.
Read more
Credit to Author: Jonny Evans| Date: Thu, 07 Jul 2022 06:17:00 -0700
Apple has struck a big blow against the mercenary “surveillance-as-a-service” industry, introducing a new, highly secure Lockdown Mode to protect individuals at the greatest risk of targeted attacks. The company is also offering millions of dollars to support research to expose such threats.
Starting in iOS 16, iPadOS 16 and macOS Ventura, and available now in the latest developer-only betas, Lockdown Mode hardens security defenses and limits the functionalities sometimes abused by state-sponsored surveillance hackers. Apple describes this protection as “sharply reducing the attack surface that potentially could be exploited by highly targeted mercenary spyware.”