HackDig : Dig high-quality web security articles

Urgent update for macOS and iOS! Two actively exploited zero-days fixed

Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, da
Publish At:2022-08-18 23:59 | Read:120 | Comments:0 | Tags:Exploits and vulnerabilities News macOS iOS CVE-2022-32894 C

Zoom fixed two flaws in macOS App that were disclosed at DEF CON

Zoom addressed two high-severity vulnerabilities in its macOS app that were disclosed at the DEF CON conference. Zoom last week released macOS updates to fix two high-severity flaws in its macOS app that were disclosed at the DEF CON conference. Technical details of the vulnerabilities were disclosed at the DEF CON conference by security researcher Patri
Publish At:2022-08-17 06:27 | Read:148 | Comments:0 | Tags:Breaking News Security Hacking hacking news information secu

North Korea-linked APT targets Job Seekers with macOS malware

The North Korea-linked Lazarus Group has been observed targeting job seekers with macOS malware working also on Intel and M1 chipsets. ESET researchers continue to monitor a cyberespionage campaign, tracked as “Operation In(ter)ception,” that has been active at least since June 2020. The campaign targets employees working in the aerospace and
Publish At:2022-08-17 06:27 | Read:119 | Comments:0 | Tags:Breaking News Cyber warfare Intelligence Malware Hacking hac

CloudMensis spyware went undetected for many years

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Researchers from ESET discovered a previously undetected macOS backdoor, tracked as CloudMensis, that targets macOS systems and exclusively uses public cloud storage services as C2. The malware was designed to spy on the target systems, exfil
Publish At:2022-07-19 17:32 | Read:389 | Comments:0 | Tags:Breaking News Hacking Malware CloudMensis hacking news infor

Endpoint security for Mac: 3 best practices

If you’re one of the 50% of small and medium-sized businesses (SMBs) that use Mac devices today, chances are your IT and security teams have a ton of Mac endpoints to monitor.  Securing that many endpoints can get really complex, really fast, especially when you consider that the common wisdom that Macs don’t get malware simply isn’t true: in fact, t
Publish At:2022-07-14 11:52 | Read:462 | Comments:0 | Tags:Business adware Apple dns filtering endpoint detection and r

Microsoft published exploit code for a macOS App sandbox escape flaw

Microsoft published the exploit code for a vulnerability in macOS that can allow an attacker to escape the sandbox. Microsoft publicly disclosed technical details for an access issue vulnerability, tracked as CVE-2022-26706, that resides in the macOS App Sandbox. “Microsoft uncovered a vulnerability in macOS that could allow specially crafted co
Publish At:2022-07-14 05:26 | Read:388 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Lockdown Mode: Apple to protect users from targeted spyware attacks

Apple has previewed a new feature which aims to harden high-risk users from the serious threat of being spied upon by enemy states and intelligence agencies.“Lockdown Mode” is scheduled to arrive later this year with the release of Apple iOS 16 and macOS Ventura. It’s an optional feature for users who believe their computers and smartphones
Publish At:2022-07-07 13:00 | Read:464 | Comments:0 | Tags:Cyber Security Featured Articles Apple Authentication iPhone

Apple’s Planned Obsolescence: iOS 16, macOS Ventura Drop Support for Many Models

The idea of “planned obsolescence” has been around for about 100 years. It is said to have begun in the automobile industry, when GM decided that, to increase flagging sales, the company would make new models every year. Of course, the general concept really began much earlier: look at fashion, where designers decide what people wear each year,
Publish At:2022-06-16 04:42 | Read:1453 | Comments:0 | Tags:Apple iOS iOS 16 macOS macOS Ventura watchOS IOS

QNAP customers urged to disable AFP to protect against severe vulnerabilities

MacOS users that have a network-attached storage (NAS) device made by QNAP are being advised to disable the Apple Filing Protocol (AFP) on their devices until some severe vulnerabilities have been fixed. But QNAP is not the only vendor that needed to fix these vulnerabilities. Others have already done so, or have taken more drastic measures. Taiwanese cor
Publish At:2022-04-28 12:48 | Read:1108 | Comments:0 | Tags:Exploits and vulnerabilities afpqnap cve-2021-23121 cve-2021

How to Set Up and Use Universal Control with macOS Monterey

p> Universal Control is one of the most interesting features in macOS Monterey, but it’s taken months for it to roll out to users. Apple first presented the feature in June 2021, and, while it was slated to be included in macOS Monterey’s first release, it was delayed. It is finally available, but still officially described as "beta."
Publish At:2022-03-30 12:25 | Read:702 | Comments:0 | Tags:How To iPad macOS

China-linked GIMMICK implant now targets macOS

Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tr
Publish At:2022-03-23 10:21 | Read:1384 | Comments:0 | Tags:APT Breaking News Hacking Malware China Gimmick malware Hack

Apple zero-day drama for Macs, iPhones and iPads – patch now!

byPaul DucklinHere on Naked Security, we’ve been lamenting the mysterious nature of Apple’s security updates for ages.For example, even when widely-known security problems appear in components that are part of Apple’s operating system, Apple routinely refuses to say when, or even if, it plans to address the issues itself.Back in February 20
Publish At:2022-02-11 23:17 | Read:1745 | Comments:0 | Tags:Apple iOS OS X Vulnerability CVE-2022-22620 iPad iPhone macO

Update now! Apple patches another actively used zero-day

Apple has released patches for iOS 15.3, iPadOS 15.3, and macOS Monterey 12.2 and is urging users to update. The most significant reasons are two actively exploited zero-day vulnerabilities, one of which has a publicly disclosed Proof-of-Concept (PoC). Using this vulnerability, designated CVE-2022-22587, a malicious app could execute random code with kern
Publish At:2022-01-27 21:02 | Read:1992 | Comments:0 | Tags:Exploits and vulnerabilities IOMobileFrameBuffer iOS iPadOS

Apple fixes Mac bug that could have allowed takeover of webcams and browser tabs

A researcher has picked up a $100,500 bounty from Apple after discovering a rather nasty method of gaining control of other people’s Macs. The issue, discovered lurking in Safari by Ryan Pickren, could make use of rogue websites to perform a number of dubious actions. It begins, as so many attacks do, with a single click. “Check out my website
Publish At:2022-01-27 08:50 | Read:1284 | Comments:0 | Tags:Exploits and vulnerabilities Apple macOS popup safari URI ur

Mac users, update now! “Powerdir” flaw could allow attackers to spy on you

If you have been forgoing updating your Mac, this article might make you think twice. The Microsoft 365 Defender Research Team has discovered a vulnerability in macOS, which allows malicious apps to successfully bypass a user’s privacy preferences. This means attackers could access personal data that was once private, as well as install a malicious
Publish At:2022-01-19 12:46 | Read:1137 | Comments:0 | Tags:Mac Apple Black Hat USA 2021 Csaba Fitzl CVE-2021-30970 macO

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud