HackDig : Dig high-quality web security articles for hacker

Clipboard poisoning attacks on the Mac

Graham Cluley drew my attention the other day to an issue that has apparently been known to some for years, but was new to me: clipboard poisoning, an issue where a website can replace what you think is on your clipboard with something else. Although this seems like an insignificant issue on first glance, it turns out that there are some very serious implica
Publish At:2016-05-28 06:35 | Read:4203 | Comments:0 | Tags:Mac Threat analysis Apple JavaScript mac safari

New Mac OS X Remediation Offering and Forensics Capabilities for Enterprise

At Malwarebytes, our mission is to protect consumers and businesses from the most dangerous cyber threats. Today, we announced a new solution that will dramatically change endpoint detection and response (EDR) for Mac users – a growing target area for hackers. The fact that Mac users are safe from cyber threats is a common misconception. While it’s true that
Publish At:2016-05-26 18:05 | Read:2788 | Comments:0 | Tags:CEO announcements Malwarebytes news Apple business endpoint

FBI discloses iOS security flaw, but not the one used to crack the San Bernardino iPhone

The FBI still won’t tell Apple how the third-party hackers it hired to crack the iPhone 5c used by the San Bernardino mass shooter managed to get into the device, but the agency has shared another security vulnerability with Cupertino. That’s real nice of them and all, but Apple had already fixed that particular flaw.According to Reuters, the FBI told Ap
Publish At:2016-04-27 21:20 | Read:2041 | Comments:0 | Tags:Software Security iOS Mac Legal Encryption IOS

Threat Recap: Week of March 14th

A lot happens in the security world and many stories get lost in the mix. In an effort to keep our readers informed and updated, we present the Webroot Threat Recap, highlighting 5 major security news stories of the week. Credit Card Fraud Now Quicker Than Ever There are thousands of cases of credit card fraud that occur every year, usually through a merchan
Publish At:2016-03-18 20:00 | Read:3118 | Comments:0 | Tags:Threat Research Bank breach Breach Credit Card Fraud DDOS ma

An iCloud scam that may be worse than ransomware

Ransomware – malicious software that encrypts your files and then demands payment to unlock them – has become a major scourge of the Windows world. Mac users just had their first brush with such threats last week, with the appearance of the KeRanger ransomware. However, shortly before KeRanger, I encountered a ransomware event in the Mac world fa
Publish At:2016-03-16 16:45 | Read:3015 | Comments:0 | Tags:Mac Apple icloud iPhone mac osx password ransomware Cloud

First Mac ransomware spotted

Apple quietly added detection of something called “KeRanger” to the XProtect anti-malware definitions in OS X on Saturday. It was revealed on Sunday by Claud Xiao of Palo Alto Networks that KeRanger is the first real Mac ransomware, and it’s not just theoretical. It’s in the wild. According to Xiao, the Transmission app – a BitT
Publish At:2016-03-08 09:30 | Read:3156 | Comments:0 | Tags:Mac Apple malware os X ransomware security

What you need to know about the new KeRanger Ransomware.

  Palo Alto Networks recently discovered ransomware hidden inside of the torrenting app ‘Transmission’. While this may come as a shock to those that still believe the Mac is a fortress that can’t be broken, the rest of us are not shocked at all. In fact, a few months back I wrote a blog warning Mac users not to dismiss Mac malware. It
Publish At:2016-03-08 06:15 | Read:4375 | Comments:0 | Tags:Threat Research encrypting ransomware Keranger mac mac malwa

Take note, next week update Adobe Reader and Acrobat to fix critical flaws

Adobe announced that it will release security updates next week to patch vulnerabilities in Acrobat and Reader products for Windows and Mac. Adobe has announced yesterday, March 8, that it will release security updates next week to patch vulnerabilities in Acrobat and Reader products for Windows and Mac. We are speaking about critical vulnerabilities that fo
Publish At:2016-03-04 22:35 | Read:3073 | Comments:0 | Tags:Breaking News Security Acrobat Adobe Cybersecurity Mac Windo

“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive

Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates.The vulnerability is the result of apps that use a vulnerable version of Sparkle along with an unencrypted HTTP channel to r
Publish At:2016-02-09 15:55 | Read:2978 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab apps exploits M

App Update Tool Could Endanger iOS Users

On Wednesday, FireEye posted a very detailed article about a concerning trend among iOS developers. Some developers are integrating an update library called JSPatch, used for delivering faster updates to their apps. That’s a great idea, but unfortunately, there are some serious security concerns involved. Apple exerts very tight control over the iOS Ap
Publish At:2016-01-29 23:10 | Read:2463 | Comments:0 | Tags:Mac Apple iOS iPhone JavaScript security IOS

Was Mac OS X really the most vulnerable in 2015?

Much has been said in the security world about the recent release of data on vulnerabilities discovered in 2015. Due to the way this data has been presented, many news outlets have been reporting that Mac OS X was the “most vulnerable” OS in 2015. But was it really? It turns out, there are some issues with the way the data is presented and the co
Publish At:2016-01-08 20:50 | Read:3276 | Comments:0 | Tags:Mac Apple mac security vulnerability

Massive MacKeeper data breach

Kromtech, the developer of MacKeeper, has suffered a major breach that has exposed more than 13 million users’ data. Chris Vickery, a security researcher who has uncovered a number of similar data breaches in the past, found that a Kromtech database full of sensitive data was accessible over the internet… without any login required. Vickery found
Publish At:2015-12-18 00:25 | Read:3594 | Comments:0 | Tags:Mac breach hack security

VirusTotal Now Scans Mac Apps for Malware in a Sandbox

VirusTotal, a popular online file scanning service that analyzes files and URLs for the identification of malware, is now executing suspicious Mac apps inside a sandbox to improve its analysis and detection of Mac malware. VirusTotal now extracts behavioral information from scanned Mac executable files, an important step forward for the Google-owned file sca
Publish At:2015-11-20 01:30 | Read:3365 | Comments:0 | Tags:Security News antivirus apps Google Mac malware OS X Sandbox

Google-owned VirusTotal starts analyzing Mac malware in a sandbox

VirusTotal, the most widely used online file-scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.This comes at a time when, according to security vendors, the number of potentially unwanted Mac OS X applications, especially adware p
Publish At:2015-11-18 15:55 | Read:1809 | Comments:0 | Tags:Security Malware Mac Virus

Beware scams in the wake of the App Store slip-up

Mac users began to have problems opening apps downloaded from the App Store Wednesday morning. This caused messages that the apps were damaged and would need to be re-downloaded from the App Store. It turned out that the problem was an expired cryptographic certificate at Apple, used to verify the legitimacy of these apps. Apple didn’t renew it in time
Publish At:2015-11-14 03:00 | Read:2005 | Comments:0 | Tags:Mac Apple mac os X

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud