Tag: macOS
-
Godot Engine Exploited to Spread Malware on Windows, macOS, Linux
Check Point Research has discovered cybercriminals exploiting the popular Godot Game Engine to deliver malicious software. Discover the techniques used by attackers and how to protect yourself from these threats. First seen on hackread.com Jump to article: hackread.com/godot-engine-malware-on-windows-macos-linux/
-
How Video Game Engines Are Abused for Hacking
Check Point Software Technologies has uncovered a new hacker scheme. Using the gaming engine, cybercriminals can attack various operating systems of networked devices, including Windows, macOS, Linux, Android and iOS. The malicious code is distributed via the open-source platform GitHub by the malware network , which Check Point had investigated a few months ago. In […] First seen on…
-
Popular game script spoofed to infect thousands of game developers
A malware loader, now named GodLoader, has been observed using Godot, a free and open-source game engine, as its runtime to execute malicious code and has dropped known malware on at least 17,000 machines. Unaware users of the engine, which helps create 2D and 3D games and deploy them across various platforms including Windows,…
-
Source Code Of macOS Banshee Stealer Leaked
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36643/Source-Code-Of-macOS-Banshee-Stealer-Leaked.html
-
Banshee Stealer Source Code Leaked: macOS Malware Rendered Harmless
Cybercriminals give up: the Banshee Stealer malware for macOS was abandoned after its source code was published. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/banshee-stealer-quellcode-geleakt-macos-malware-unschaedlich-gemacht-304847.html
-
Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection
The xattr command in Unix-like systems allows for the embedding of hidden metadata within files, similar to Windows ADS, known as Rustyattr, which is being exploited by threat actors like Lazarus Group to stealthily conceal malicious payloads within seemingly benign files. The Lazarus Group is covertly embedding malicious data within system files using xattr, a…
-
Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked
The Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak. The post Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/source-code-of-3000-a-month-macos-malware-banshee-stealer-leaked/
-
The source code of Banshee Stealer leaked online
Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. BANSHEE Stealer supports basic evasion techniques, relies on the sysctl API…
-
Weaponized pen testers are becoming a new hacker staple
Malicious adaptations of popular red teaming tools like Cobalt Strike and Metasploit are causing substantial disruption, emerging as a dominant strategy in malware campaigns. According to research by threat-hunting firm Elastic, known for its search-powered solutions, these two conventional penetration testing tools were weaponized to account for almost half of all malware activities in 2024. “The most…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 21
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Fake AI video generators infect Windows, macOS with infostealers; How Italy became an unexpected spyware hub; Babble Babble Babble Babble Babble Babble BabbleLoader; One Sock Fits All: The use and abuse of the NSOCKS botnet; Helldown…
-
Steam cuts the cord for legacy Windows and macOS
Don’t say you weren’t warned First seen on theregister.com Jump to article: www.theregister.com/2024/11/20/valve_steam_legacy_os/
-
macOS WorkflowKit Race Vulnerability Allows Malicious Apps to Intercept Shortcuts
A race condition vulnerability in Apple’s WorkflowKit has been identified, allowing malicious applications to intercept and manipulate shortcuts on macOS systems. This vulnerability, cataloged as CVE-2024-27821, affects the shortcut extraction and generation processes within the WorkflowKit framework, which is integral to the Shortcuts app on macOS Sonoma. macOS WorkflowKit Race Vulnerability The vulnerability arises from…
-
Apple Confirms Zero Day Attacks Hitting macOS Systems
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36616/Apple-Confirms-Zero-Day-Attacks-Hitting-macOS-Systems.html
-
Apple Security Update: Addressing Critical Vulnerabilities in Apple Software
Apple recently rolled out a security update that addresses critical vulnerabilities in multiple Apple devices. Released on November 19, the Apple security update impacts various platforms, including iOS, iPadOS, macOS, visionOS, and Safari, and is aimed at protecting users from increasingly sophisticated cyber threats. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apple-security-update-nov-2024/
-
macOS Users Attacked: Apple Patches Actively Exploited Vulnerabilities
Apple has confirmed that attacks on Intel-based Macs have been observed. However, iOS, iPadOS, visionOS and Safari appear to be vulnerable as well. First seen on golem.de Jump to article: www.golem.de/news/macos-nutzer-attackiert-apple-patcht-aktiv-ausgenutzte-sicherheitsluecken-2411-190959.html
-
Apple addressed two actively exploited zero-day vulnerabilities
Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilities, tracked as CVE-2024-44309 and CVE-2024-44308, in iOS, iPadOS, macOS, visionOS, and Safari web browser, which are actively exploited in the wild. The vulnerability CVE-2024-44309 is a cookie management issue…
-
Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)
Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that “may have been actively … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/20/cve-2024-44309-cve-2024-44308/
-
WebKit Exploit: Apple Updates iOS, iPadOS, visionOS, macOS 15 and Safari
Apple follows up with iOS 18.1.1, macOS 15.1.1 and visionOS 2.1.1 to stop exploits that are being actively used. Users would do best to update quickly. First seen on heise.de Jump to article: www.heise.de/news/WebKit-Exploit-Apple-aktualisiert-iOS-iPadOS-visionOS-macOS-15-und-Safari-10072858.html
-
Apple Emergency Security Update: Intel-Based Mac Systems at Risk
Apple closes critical security vulnerabilities in macOS with emergency security updates. Act now and protect yourself against zero-day attacks! First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/apple-notfall-sicherheitsupdate-intel-basierte-mac-systeme-in-gefahr-304500.html
-
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 – A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content; CVE-2024-44309 – A cookie management…
-
macOS Vulnerability Bypasses Privacy Controls in the Safari Browser
First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/macos-schwachstelle-umgeht-datenschutzkontrollen-im-safari-browser-302991.html
-
Apple Confirms Zero-Day Attacks Hitting macOS Systems
Apple rushes out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild. The post Apple Confirms Zero-Day Attacks Hitting macOS Systems appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
-
Apple Confirms Zero-Day Attacks Hitting Intel-based Macs
Apple rushes out major macOS and iOS security updates to cover a pair of vulnerabilities already being exploited in the wild. The post Apple Confirms Zero-Day Attacks Hitting Intel-based Macs appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-confirms-zero-day-attacks-hitting-intel-based-macs/
-
Lumma Stealer Instead of AI App: Malware Hits Windows and macOS
Beware of fake AI tools such as EditProAI: Lumma Stealer threatens Windows and macOS. How to recognize and avoid the well-disguised malware. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/lumma-stealer-statt-ki-app-malware-befaellt-windows-und-macos-304346.html
-
Fake AI video generators infect Windows, macOS with infostealers
Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-ai-video-generators-infect-windows-macos-with-infostealers/
-
Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist
Plus: An “AI granny” is wasting scammers’ time, a lawsuit goes after spyware-maker NSO Group’s executives, and North Korea-linked hackers take a crack at macOS malware. First seen on wired.com Jump to article: www.wired.com/story/bitfinex-hacker-gets-5-years-for-10-billion-bitcoin-heist/
-
macOS HM Surf vuln might already be under exploit by major malware family
First seen on theregister.com Jump to article: www.theregister.com/2024/10/21/microsoft_macos_hm_surf/
-
North Korea’s Lazarus observed testing new macOS trojan in the wild
First seen on scworld.com Jump to article: www.scworld.com/news/north-koreans-lazarus-observed-testing-new-macos-trojan-in-the-wild
-
macOS 15.1: Apple's Patch Breaks Third-Party Firewalls
Anyone using third-party firewalls such as Little Snitch under macOS 15.1 may run into problems. Depending on the configuration, filter rules remain ineffective. First seen on golem.de Jump to article: www.golem.de/news/macos-15-1-apple-patcht-drittanbieter-firewalls-kaputt-2411-190821.html

