MacOS – Computer Security Articles

Credit to Author: Microsoft Threat Intelligence| Date: Mon, 13 Jan 2025 17:00:00 +0000

Microsoft discovered a macOS vulnerability allowing attackers to bypass System Integrity Protection (SIP) by loading third party kernel extensions, which could lead to serious consequences, such as allowing attackers to install rootkits, create persistent malware, bypass Transparency, Consent, and Control (TCC), and expand the attack surface to perform other unauthorized operations.

The post Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions appeared first on Microsoft Security Blog.

Security Sophos

October 30, 2024 admin

Infostealer AMOS will Cookies, Passwörter und Autofills – von macOS

Credit to Author: Jörg Schindler| Date: Tue, 10 Sep 2024 09:00:41 +0000

Seit Langem hält sich der Glaube, dass das macOS-Betriebssystem weniger anfällig für Schadsoftware ist als Windows. Das mag an der geringeren Marktdominanz liegen und verschiedenen eigenen Sicherheitsfeatures, die von den Malware-Entwicklern andere Ansätze verlangen. Man ging davon aus, dass hier nur unkonventionelle Attacken und Schadsoftware eine Chance hätten. Diese Annahme ist nun endlich passé. Mainstream-Schadsoftware […]

Microsoft Security

October 19, 2024 admin

New macOS vulnerability, “HM Surf”, could lead to unauthorized data access

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 17 Oct 2024 16:00:00 +0000

Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a […]

The post New macOS vulnerability, “HM Surf”, could lead to unauthorized data access appeared first on Microsoft Security Blog.

MalwareBytes Security

October 18, 2024 admin

Unauthorized data access vulnerability in macOS is detailed by Microsoft

Microsoft disclosed details about the HM Surf vulnerability that could allow an attacker to gain access to the user’s data in Safari

Security Sophos

October 1, 2024 admin

Atomic macOS Stealer porta al furto di dati sensibili su macOS

Credit to Author: Jagadeesh Chandraiah| Date: Thu, 12 Sep 2024 06:32:49 +0000

Sophos X-Ops esplora le modalità di diffusione e le potenzialità dell’Atomic macOS Stealer (AMOS)

Security Sophos

September 12, 2024 admin

Atomic macOS Stealer leads sensitive data theft on macOS

Credit to Author: Jagadeesh Chandraiah| Date: Fri, 06 Sep 2024 11:04:28 +0000

Sophos X-Ops explores the distribution and capabilities of the Atomic macOS Stealer (AMOS)

Microsoft Security

August 14, 2024 admin

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 08 Aug 2024 18:00:00 +0000

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.

The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog.

MalwareBytes Security

April 15, 2024 admin

Trusted Advisor now available for Mac, iOS, and Android

Our Trusted Advisor dashboard provides an easy-to-understand assessment of your device’s security.