HackDig : Dig high-quality web security articles for hacker

Millions of Macs open to EFI Firmware Hacks even if they are up-to-date

A group of researchers with Duo Security demonstrated that millions of Up-to-Date Apple Macs are vulnerable to EFI Firmware attacks. In 2015, the security researcher Trammell Hudson demonstrated at the Chaos Computer Congress in Hamburg, how it is possible to infect Apple Mac PCs exploiting the Thunderbolt port. Since the disclosure of the attack against th
Publish At:2017-10-01 02:25 | Read:1324 | Comments:0 | Tags:Breaking News Hacking Reports Apple bootkit EFI hack OS X Th

Cross-platform Mokes backdoor OS X exists and is spreading in the wild

Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of the Mokes backdoor discovered in January by Kaspersky. Malware researchers from Kaspersky Lab confirmed the existence of an OS X variant of a recently discovered family of cross-platform backdoors. The backdoors family was named Mokes and a strain of malware was first spotte
Publish At:2016-09-08 10:15 | Read:2246 | Comments:0 | Tags:Breaking News Cyber Crime Malware backdoor Cybercrime Mac ma

Apple Issues Critical Updates for Spyware Flaws in Mac OS X, Safari

Apple issued critical updates for OS X Yosemite and El Capitan on Thursday to patch security vulnerabilities resembling those discovered on iOS 9.3.5 earlier this week.Dubbed Trident, the three zero-day vulnerabilities (CVE-2016-4655, CVE-2016-4656 and CVE-2016-4657) could allow an attacker to silently jailbreak an iOS device and spy on victims, warned resea
Publish At:2016-09-03 00:40 | Read:2480 | Comments:0 | Tags:Latest Security News Apple iOS OS X Safari spyware zero-day

After hiatus, in-the-wild Mac backdoors are suddenly back

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was,
Publish At:2016-07-07 00:40 | Read:3709 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

Do I really need anti-malware for my Mac?

On the popular Discovery Channel program “Mythbusters,” hosts Adam Savage and Jamie Hyneman take a legend and deconstruct it to see whether its long-held beliefs are legitimate. They’ve busted all kinds of myths, from Jimmy Hoffa being buried under Giants Stadium (not true) to the ability to kill someone without a trace using an ice bullet
Publish At:2016-05-20 16:05 | Read:1759 | Comments:0 | Tags:101 FYI adware anti-malware for Mac os X

This tool can block ransomware on Mac OS X, for now

A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage.Called RansomWhere? the application is the creation of Patrick Wardle, director of research and development at security firm Synack. It's meant to detect and block the en
Publish At:2016-04-21 19:20 | Read:1526 | Comments:0 | Tags:Security Malware OS X Encryption

Apple's emphasis on security makes ARM-powered Macs 'inevitable'

Apple will offer Macs equipped with an ARM processor, the same silicon used in the iPhone and iPad, an analyst said, calling the move "inevitable" because of the company's emphasis on security and encryption."If Apple truly wants to bring their security philosophy to their products in every part of the ecosystem, they must also do what many predict and m
Publish At:2016-04-21 01:05 | Read:2175 | Comments:0 | Tags:OS X iOS Security

First Mac ransomware spotted

Apple quietly added detection of something called “KeRanger” to the XProtect anti-malware definitions in OS X on Saturday. It was revealed on Sunday by Claud Xiao of Palo Alto Networks that KeRanger is the first real Mac ransomware, and it’s not just theoretical. It’s in the wild. According to Xiao, the Transmission app – a BitT
Publish At:2016-03-08 09:30 | Read:1955 | Comments:0 | Tags:Mac Apple malware os X ransomware security

The return of HackingTeam with new implants for OS X

Last week, Patrick Wardle published a nice analysis of a new Backdoor and Dropper used by HackingTeam, which is apparently alive and well. Since HackingTeam implants are built on-demand for each target, and it appears that the samples mentioned in the blog were found in-the-wild, we wanted to take a closer look: to see how it works and what its functionality
Publish At:2016-03-02 14:55 | Read:3067 | Comments:0 | Tags:Blog Featured Research Apple Backdoor Banloader Cyber espion

A sophisticated variant of OceanLotus trojan targets OS X systems

In May 2015, the Chinese security firm Qihoo 360 published a report on a Trojan called OceanLotus that was being used since 2012 for APT attacks in the Chinese market. The APT attacks based  on the OceanLotus focused on government organizations, research institutes, maritime agencies, and companies specializing in other activities. At the time were found fou
Publish At:2016-02-18 20:55 | Read:1901 | Comments:0 | Tags:Breaking News Cyber Crime Intelligence Malware Security APT

Warning: Bug in Adobe Creative Cloud deletes Mac user data without warning

Adobe Systems has stopped distributing a recently issued update to its Creative Cloud graphics service amid reports a Mac version can delete important user data without warning or permission.The deletions happen whenever Mac users log in to the Adobe service after the update has been installed, according to officials from Backblaze, a data backup service who
Publish At:2016-02-13 10:20 | Read:2085 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab Adobe Creative

“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive

Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates.The vulnerability is the result of apps that use a vulnerable version of Sparkle along with an unencrypted HTTP channel to r
Publish At:2016-02-09 15:55 | Read:1831 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab apps exploits M

Analysis of iOS & OS X Vulnerability: CVE-2016-1722

Reported by: Nikias Bassen, Joshua Drake Security Researchers at Zimperium zLabs Apple released iOS 9.2.1 update, the first iOS security update in 2016. As part of this update, Apple fixed code execution vulnerability in syslogd that was reported by Zimperium zLabs researchers Nikias Bassen and Joshua J. Drake. In this blog we’ll share how we identified this
Publish At:2016-01-22 01:35 | Read:3416 | Comments:0 | Tags:iOS Research CVE-2016-1722 OS X IOS Vulnerability

Apple Fails to Properly Fix Gatekeeper Security Hole, Claims Researcher

Anyone who remembers those "I'm a PC, I'm a Mac" ads from some years back will surely remember that a key message that Apple wants to get across to potential customers was this: PCs have a malware problem, Macs don't.Of course, that message was partly spin — there had been malware for Apple computers, even before it had existed for PCs.And, in recent years,
Publish At:2016-01-16 07:50 | Read:2010 | Comments:0 | Tags:Apple Security & Privacy CVE-2015-7024 gatekeeper OS X Patri

Don’t Believe Headlines That Claim OS X Was The “Most Vulnerable” Software of 2015

There is an old saying that is always worth remembering: "There are three kinds of lies: lies, damned lies, and statistics."That's the thought that sprung to my mind in recent days as I read news stories claiming that OS X was the most vulnerable software of the year (e.g. Hackread, SC Magazine, Techworm, Fudzilla, and countless others...).The news reports s
Publish At:2016-01-06 12:45 | Read:1653 | Comments:0 | Tags:Apple Software & Apps iOS OS X vulnerability

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud