Home Tags Mac OSX

Tag: Mac OSX

New Malware-as-a-Service Offerings Target Mac OS X

MacSpy and MacRansom are two early variants of malware-as-a-service portals targeting the broader population of Mac users.

Ransomware-as-a-service schemes are now targeting Macs too

MacRansom is the first known instance of ransomware-as-a-service targeting OS X.

50 hashes per hour

In this research we'll be revisiting the USB port – this time in attempts to intercept user authentication data on the system that a microcomputer is connected to.

As we discovered, this type of attack successfully allows an intruder to retrieve user authentication data – even when the targeted system is locked.

Got an antenna and a tuner? You can now stream live...

Free broadcasts now live where you watch the rest of your streamed content.

Threatpost News Wrap, May 12, 2017

The news of the week is discussed, including this week's Microsoft Malware Protection Engine bug, Handbrake OS X malware, the HP keylogger, Trump's Cybersecurity EO, and more.

Hajime, the mysterious evolving botnet

Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks.
In this blogpost we outline some of the recent ‘improvements’ to Hajime, some techniques that haven’t been made public, and some statistics about infected IoT devices.

Unraveling the Lamberts Toolkit

The Lamberts is a family of sophisticated attack tools that has been used by one or multiple threat actors against high-profile victims since at least 2008.

The arsenal includes network-driven backdoors, several generations of modular backdoors, harvesting tools, and wipers.

BrandPost: How Does a 20X Speed-Up in Python Grab You?

Thanks to Intel, I just got a 20X speed-up in Python that I can turn on and off with a single command.

And this wasn’t even in ideal conditions. but in a virtual environment: openSUSE Linux (Tumbleweed) running on a VBox on my quad-core iMac. What I did can be done on Windows, Linux, or OS X.  Intel doesn’t list openSUSE on their list of tested Linux configurations (SUSE Enterprise is on the list), but it worked perfectly for me.Here’s how I did it:1.     Download the Anaconda command-line installer from https://www.continuum.io/downloads.To read this article in full or to leave a comment, please click here

Apple pushes security update to OS X Yosemite and El Capitan

Apple has a surprise for OS X Yosemite and El Capitan users -- a security update.

Malware That Targets Both Microsoft, Apple Operating Systems Found

A new strain of malware is designed to spread malware on either Mac OS X or Microsoft Windows, depending on where it’s opened.

Future iOS update will shut the door on apps from the...

Apple is on track to complete its 32-to-64-bit transition in just four years.

Apple quashes bugs in iOS, macOS, and Safari

Apple on Monday updated macOS Sierra to 10.12.3, patching 11 security vulnerabilities and addressing a graphics hardware problem in the latest 15-in. MacBook Pro laptop. At the same time, Apple released iOS 10.2.1, an update that fixed 18 security flaws, the bulk of them in WebKit, the foundation of the baked-in Safari browser. According to Apple’s typically terse update documentation, macOS 10.12.3 “improves automatic graphics switching on MacBook Pro (15-in., October 2016).” Another fix addressed “graphics issues” on both the 15-in. and the smaller 13-in. sibling when encoding in Adobe Premiere Pro; that bug attracted attention after a video showing a notebook wildly cycling through colors went viral. Apple unveiled the new MacBook Pro on Oct. 29.
Its most notable feature was the “Touch Bar,” a narrow display above the top row of keys that responds to gestures and adapts to the active application. The same update also patched nearly a dozen vulnerabilities, most of them critical.

A pair of kernel bugs reported to Apple by Google Project Zero, for instance, was cited as having the potential to “execute arbitrary code,” Apple-speak for a very serious vulnerability ranking. iOS was also refreshed Monday, with 10.2.1 offered to iPhone and iPad owners. Apple described only the 18 vulnerabilities patched by the update.

Thirteen of those flaws were within WebKit, the open-source project that produces the rendering engine that powers Safari. Safari on macOS was also updated to patch 12 of the 13 bugs quashed in the iOS version. Labeled Safari 10.0.3, it was packaged with the Sierra 10.12.3 update, but was made available separately to Mac owners running the older OS X Yosemite and OS X El Capitan, Sierra’s predecessors. Although no description in the Safari 10.0.3 update mentioned the bug reported by Consumer Reports—the flaw resulted in the magazine initially refusing to recommend the new MacBook Pro notebooks because of unusual battery test results—Apple previously said it dealt with the flaw in a beta leading up to macOS 10.12.3.
If so, it should also have been fixed in the Safari-only update. The iOS, macOS and Sierra updates will be automatically offered on the appropriate devices. Users can manually trigger an update on a Mac by selecting “App Store” from the Apple menu, then choosing “Updates” from the row of icons at the top of the window. On iPhones and iPads, users can begin an update by touching “Settings,” then “General,” then “Software Update.” This story, "Apple quashes bugs in iOS, macOS, and Safari" was originally published by Computerworld.