macOS

Pierluigi Paganini October 10, 2019
Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012

Security experts discovered a critical remote code execution vulnerability, tracked as CVE-2019-9535, in the GPL-licensed iTerm2 macOS terminal emulator app. Security experts at cybersecurity firm Radically Open Security (ROS) discovered a 7-year-old critical remote code execution vulnerability in the GPL-licensed iTerm2 macOS terminal emulator app. The iTerm2 macOS terminal emulator app is one of the most […]

Pierluigi Paganini June 04, 2019
macOS zero-day in Mojave could allow Synthetic Clicks attacks

A security expert found a flaw that could be exploited to bypass macOS security and privacy features by using synthetic clicks. The popular white hat hacker Patrick Wardle, co-founder and chief research officer at Digita Security, discovered a vulnerability that could be exploited to bypass security warnings by performing ‘Synthetic Clicks’ on behalf of users without […]

Pierluigi Paganini May 31, 2019
Security expert shows how to bypass macOS Gatekeeper

A security researcher demonstrated how to bypass the Apple macOS Gatekeeper by leveraging trust in network shares. The Italian security researcher Filippo Cavallarin demonstrated how to bypass the macOS Gatekeeper by leveraging trust in network shares. The Apple Gatekeeper is designed to protect OS X users by performing a number of checks before allowing an App to run. […]

Pierluigi Paganini April 17, 2019
Code execution – Evernote

A local file path traversal issue exists in Evernote 7.9 for macOS which allows an attacker to execute arbitrary programs. Technical observation: A crafted URI can be used in a note to perform this attack using file:/// as an argument or by traversing to any directory like (../../../../something.app). Since Evernote also has a feature of sharing notes, in such a […]

Pierluigi Paganini March 04, 2019
Google Project Zero discloses zero-day in Apple macOS Kernel

A cybersecurity expert at Google Project Zero has publicly disclosed details and a proof-of-concept exploit for a high-severity security vulnerability in the macOS operating system. Google Project Zero white hat hacker Jann Horn disclosed the flaw according to the 90-days disclosure policy of the company because Apple failed to address the issue within 90 days of being notified. […]

Pierluigi Paganini February 07, 2019
Expert publicly disclosed the existence of 0day flaw in macOS Mojave

A zero-day vulnerability in macOS Mojave can be exploited by malware to steal plaintext passwords from the Keychain. The security expert Linus Henze has disclosed the existence of a zero-day vulnerability in macOS Mojave that can be exploited by malware to steal plaintext passwords from the Keychain. According to Henze, the flaw affects macOS Mojave […]

Pierluigi Paganini January 07, 2019
ReiKey app for macOS can detect Mac Keyloggers using event taps

ReiKey is a free tool that allows users to scan for and detect keyloggers that install persistent keyboard “event taps” to intercept keystrokes. Good news for macOS users: a new open source tool dubbed ReiKey allows them to detect Mac keyloggers. The ReiKey app monitors systems for applications that analyzed keyboard ‘event taps’ to monitor and […]

Pierluigi Paganini September 25, 2018
White hat hacker found a macOS Mojave privacy bypass 0-day flaw on release day

The popular macOS expert and former NSA hacker has discovered a zero-day vulnerability in macOS on Mojave’s release day. It is always Patrick Wardle; this time the popular expert and former NSA hacker has found a zero-day flaw in macOS on Mojave’s release day. According to the expert, the implementation bug can be […]

Pierluigi Paganini August 24, 2018
North Korea-linked Lazarus APT uses first Mac malware in cryptocurrency exchange attack

The North Korea-linked Lazarus APT group leveraged for the first time a macOS variant of the Fallchill malware in a cryptocurrency exchange attack. According to Kaspersky, the North Korea-linked Lazarus group used a macOS malware to target a cryptocurrency exchange in a recent attack. The activity of the Lazarus Group surged in 2014 and 2015, […]

Pierluigi Paganini August 13, 2018
Apple zero-day exposes macOS to Synthetic Mouse-Click attacks

Patrick Wardle, the popular white hat hacker, has discovered a zero-day vulnerability that could allow attackers to carry out synthetic mouse-click attacks. Patrick Wardle, the popular white hat hacker and chief research officer at Digita Security, has discovered a zero-day vulnerability that could allow attackers to mimic mouse-clicks for kernel access. Wardle presented his discovery […]