macOS Archives - Page 4 of 8 - Security Affairs

Pierluigi Paganini November 21, 2022

Expert published PoC exploit code for macOS sandbox escape flaw

A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła (@_r3ggi) of SecuRing published technical details and proof-of-concept (PoC) code for a macOS sandbox escape vulnerability tracked as CVE-2022-26696 (CVSS score of 7.8). In a wrap-up published by Regula, the researcher observed that the problem is caused […]

Pierluigi Paganini November 10, 2022

Apple out-of-band patches fix remote code execution bugs in iOS and macOS

Apple released out-of-band patches for iOS and macOS to fix a couple of code execution vulnerabilities in the libxml2 library. Apple released out-of-band patches for iOS and macOS to address two code execution flaws, tracked as CVE-2022-40303 and CVE-2022-40304, in the libxml2 library for parsing XML documents. The two vulnerabilities were discovered by Google Project […]

Pierluigi Paganini October 13, 2022

The discovery of Alchimist C2 tool, revealed a new attack framework to target Windows, macOS, and Linux systems

Experts discovered a new attack framework, including a C2 tool dubbed Alchimist, used in attacks against Windows, macOS, and Linux systems. Researchers from Cisco Talos discovered a new, previously undocumented attack framework that included a C2 dubbed Alchimist. The framework is likely being used in attacks aimed at Windows, macOS, and Linux systems. The experts […]

Pierluigi Paganini September 27, 2022

North Korea-linked Lazarus continues to target job seekers with macOS malware

North Korea-linked Lazarus APT group is targeting macOS Users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The attackers aimed at stealing credentials for the victims’ wallets. Last week, SentinelOne researchers discovered a decoy documents advertising positions […]

Pierluigi Paganini August 17, 2022

North Korea-linked APT targets Job Seekers with macOS malware

The North Korea-linked Lazarus Group has been observed targeting job seekers with macOS malware working also on Intel and M1 chipsets. ESET researchers continue to monitor a cyberespionage campaign, tracked as “Operation In(ter)ception,” that has been active at least since June 2020. The campaign targets employees working in the aerospace and military sectors and leverages […]

Pierluigi Paganini August 17, 2022

Zoom fixed two flaws in macOS App that were disclosed at DEF CON

Zoom addressed two high-severity vulnerabilities in its macOS app that were disclosed at the DEF CON conference. Zoom last week released macOS updates to fix two high-severity flaws in its macOS app that were disclosed at the DEF CON conference. Technical details of the vulnerabilities were disclosed at the DEF CON conference by security researcher […]

Pierluigi Paganini July 19, 2022

CloudMensis spyware went undetected for many years

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Researchers from ESET discovered a previously undetected macOS backdoor, tracked as CloudMensis, that targets macOS systems and exclusively uses public cloud storage services as C2. The malware was designed to spy on the target systems, exfiltrate documents, acquire keystrokes, and screen captures. […]

Pierluigi Paganini July 14, 2022

Microsoft published exploit code for a macOS App sandbox escape flaw

Microsoft published the exploit code for a vulnerability in macOS that can allow an attacker to escape the sandbox. Microsoft publicly disclosed technical details for an access issue vulnerability, tracked as CVE-2022-26706, that resides in the macOS App Sandbox. “Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted […]

Pierluigi Paganini March 23, 2022

China-linked GIMMICK implant now targets macOS

Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across Asia. In late 2021, Volexity researchers investigated an intrusion in an environment they were monitoring and discovered a MacBook Pro running macOS 11.6 (Big Sur) that was compromised with a previously unknown macOS malware tracked […]

Pierluigi Paganini December 26, 2021

Apple fixed macOS flaw that could allow to bypass Gatekeeper security feature

Apple recently addressed fixed a flaw in the macOS that could be potentially exploited by an attacker to bypass Gatekeeper security feature. Apple recently addressed a vulnerability in the macOS operating system, tracked as CVE-2021-30853, that could be potentially exploited by an attacker to bypass the Gatekeeper security feature and run arbitrary code. The vulnerability […]

macOS

Expert published PoC exploit code for macOS sandbox escape flaw

Apple out-of-band patches fix remote code execution bugs in iOS and macOS

The discovery of Alchimist C2 tool, revealed a new attack framework to target Windows, macOS, and Linux systems

North Korea-linked Lazarus continues to target job seekers with macOS malware

North Korea-linked APT targets Job Seekers with macOS malware

Zoom fixed two flaws in macOS App that were disclosed at DEF CON

CloudMensis spyware went undetected for many years

Microsoft published exploit code for a macOS App sandbox escape flaw

China-linked GIMMICK implant now targets macOS

Apple fixed macOS flaw that could allow to bypass Gatekeeper security feature

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Critical Sudo bugs expose major Linux distros to local Root exploits

QUICK LINKS

macOS

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!