Tag: macOS

New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption

Jan 9, 2025 4:18 PM

Tags: antivirus, apple, cybersecurity, encryption, hacker, leak, macOS, malware

Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.”Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development allows it to…
iTerm2 Emulator Vulnerability Let Attackers Access Sensitive User Data

Jan 3, 2025 7:19 AM

Tags: access, cyber, cybersecurity, data, flaw, macOS, malicious, software, update, vulnerability

A critical vulnerability discovered in the popular macOS terminal emulator iTerm2 has raised concerns among cybersecurity experts and software users. The flaw, which could allow malicious attackers to access sensitive user data, underscores the importance of timely updates and vigilant software management. Vulnerability Details Security researchers disclosed the details of the vulnerability late last week.…
KI: Datenschutzbedenken bei neuer Fotosuchfunktion von Apple

Dec 29, 2024 3:43 PM

Tags: ai, apple, macOS

In iOS 18 und MacOS 15 gibt es eine standardmäßig aktivierte Funktion namens erweiterte visuelle Suche in der Foto-App. Die wirft Datenschutzbedenken auf. First seen on golem.de Jump to article: www.golem.de/news/ki-training-datenschutzbedenken-bei-neuer-fotosuchfunktion-von-apple-2412-192016.html
KI-Training: Datenschutzbedenken bei neuer Fotosuchfunktion von Apple

Dec 29, 2024 2:43 PM

Tags: ai, apple, macOS, training

In iOS 18 und MacOS 15 gibt es eine standardmäßig aktivierte Funktion namens erweiterte visuelle Suche in der Foto-App. Die wirft Datenschutzbedenken auf. First seen on golem.de Jump to article: www.golem.de/news/ki-training-datenschutzbedenken-bei-neuer-fotosuchfunktion-von-apple-2412-192016.html
Apple Intelligence raises stakes in privacy and security

Dec 26, 2024 4:43 PM

Tags: ai, apple, intelligence, macOS, privacy, tool

Apple’s latest innovation, Apple Intelligence, is redefining what’s possible in consumer technology. Integrated into iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1, this milestone puts advanced artificial intelligence (AI) tools directly in the hands of millions. Beyond being a breakthrough… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/apple-intelligence-raises-stakes-in-privacy-and-security/
NotLockBit Previously Unknown Ransomware Attack Windows macOS

Dec 20, 2024 7:43 AM

Tags: attack, cyber, cybersecurity, lockbit, macOS, ransomware, tactics, threat, windows

A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in the cybersecurity landscape, closely mimicking the behavior and tactics of the notorious LockBit ransomware. NotLockBit notably distinguishes itself by being one of the first ransomware strains designed to effectively attack both macOS and Windows operating systems, showcasing powerful cross-platform capabilities.…
Foxit PDF Editor und Reader: Attacken über präparierte PDF-Dateien möglich

Dec 18, 2024 10:42 AM

Tags: macOS, windows

PDF-Anwendungen von Foxit sind unter macOS und Windows verwundbar. Sicherheitsupdates stehen bereit. First seen on heise.de Jump to article: www.heise.de/news/Foxit-PDF-Editor-und-Reader-Attacken-ueber-praeparierte-PDF-Dateien-moeglich-10211267.html
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Dec 12, 2024 2:08 PM

Tags: access, apple, control, cve, exploit, flaw, framework, macOS, unauthorized, vulnerability

Details have emerged about a now-patched security vulnerability in Apple’s iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information.The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved First…
Apple stopft schwere Sicherheitslücken, kein Patch für iOS 17

Dec 12, 2024 11:05 AM

Tags: apple, macOS, update, vulnerability

Apples jüngste Updates schließen viele Schwachstellen in iOS, macOS und iPadOS, darunter kritische. Für iOS 17 gibt es wohl keine Patches mehr. First seen on heise.de Jump to article: www.heise.de/news/Apple-stopft-schwere-Sicherheitsluecken-kein-Patch-fuer-iOS-17-10196897.html
Apple Pushes Major iOS, macOS Security Updates

Dec 11, 2024 9:06 PM

Tags: apple, data, macOS, update

Cupertino ships iOS 18.2 and macOS Sequoia 15.2 patches to fix data leakage, sandbox escapes and code exection vulnerabilities. The post Apple Pushes Major iOS, macOS Security Updates appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-pushes-major-ios-macos-security-updates/
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure

Dec 10, 2024 6:07 PM

Tags: access, api, attack, authentication, browser, chrome, cloud, control, data, detection, google, government, guide, identity, macOS, mfa, microsoft, network, office, powershell, RedTeam, technology, tool, update, windows

Author: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…
New Meeten Malware Attacking macOS And Windows Users To Steal Logins

Dec 10, 2024 9:07 AM

Tags: ai, crypto, cyber, cybercrime, login, macOS, malicious, malware, threat, windows

A sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as >>Meetio,
EDR-Software ein Kaufratgeber

Dec 10, 2024 6:07 AM

Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day
Moonlock’s 2024 macOS threat report

Dec 6, 2024 4:52 PM

Tags: macOS, threat

First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/moonlocks-2024-macos-threat-report/
Windows, macOS users targeted with cryptoinfo-stealing malware

Dec 6, 2024 1:48 PM

Tags: crypto, Internet, macOS, malware, windows

Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/06/information-cryptocurrency-stealing-malware-windows-macos/
Sind Macs noch sicher?

Dec 6, 2024 8:48 AM

Tags: adware, ai, apple, chatgpt, dark-web, detection, endpoint, macOS, malware, ransomware, service, social-engineering, threat, tool, update
Apple-Passwörter in Chrome, Edge und Firefox nutzen: So geht es unter Windows und macOS

Dec 5, 2024 7:48 PM

Tags: apple, browser, chrome, macOS, password, windows

First seen on t3n.de Jump to article: t3n.de/news/apple-passwoerter-chrome-edge-firefox-windows-macos-1661732/
Is the tide turning on macOS security?

Dec 5, 2024 7:48 AM

Tags: access, adware, ai, antivirus, apple, attack, chatgpt, computer, control, cybercrime, cybersecurity, dark-web, data, detection, endpoint, exploit, extortion, guide, hacker, macOS, malware, privacy, rat, service, skills, social-engineering, software, theft, threat, tool, update

The Apple ecosystem has been recognized for years by users and cybersecurity experts as among the most secure, offering flagship security features and a high level of user privacy protection.But macOS security may be experiencing a turning point in 2024, as experts point to a sharp increase in malware created specifically to target the operating system, as well…
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

Dec 3, 2024 12:50 PM

Tags: access, cybersecurity, exploit, flaw, macOS, network, remote-code-execution, tool, vpn, windows

Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems.”By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels…
Apple Safari JavaScriptCore Remote Code Execution Flaw Exploited in the Wild

Dec 2, 2024 8:30 AM

Tags: apple, cve, cyber, exploit, flaw, macOS, remote-code-execution, software, threat, vulnerability

A critical vulnerability identified as CVE-2024-44308 has been actively exploited in the wild, affecting multiple versions of Apple Safari across iOS, visionOS, and macOS platforms. This flaw, located within WebKit’s DFG JIT compiler, poses a significant threat by allowing remote code execution (RCE). Affected Software and Versions Here’s a table summarizing the affected software and…
Sophos analysiert Infostealer AMOS: Neue Bedrohung für macOS-Nutzer

Dec 1, 2024 4:26 PM

Tags: macOS, software, sophos

Um sich vor Infostealern wie AMOS zu schützen, sollten Nutzer ausschließlich Software von seriösen Quellen installieren und besonders vorsichtig mit P… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-analysiert-infostealer-amos-neue-bedrohung-fuer-macos-nutzer/a38249/
NokNok: Neue Malware hat es auf MacOS abgesehen

Dec 1, 2024 1:23 PM

Tags: macOS, malware

Die Hackergruppe Charming Kitten hat mit NokNok eine neue Malware in Umlauf gebracht, die es auf MacOS abgesehen hat. Statt auf Word-Dateien setzen di… First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/noknok-neue-malware-hat-es-auf-macos-abgesehen
The Changing Threat Landscape: Infostealers and the MacOS goldmine

Dec 1, 2024 3:19 AM

Tags: macOS, threat

First seen on blog.f-secure.com Jump to article: blog.f-secure.com/infostealers-and-macos/
iPhone Users Urged to Update to Patch 2 Zero-Days

Dec 1, 2024 12:18 AM

Tags: flaw, iphone, macOS, threat, update, zero-day

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack… First seen on threatpost.com Jump to article: threatpost.com/iphone-users-urged-to-update-to-patch-2-zero-days-under-attack/180448/
Godot Engine Exploited to Spread Malware on Windows, macOS, Linux

Nov 29, 2024 5:28 PM

Tags: cybercrime, exploit, linux, macOS, malicious, malware, windows

Check Point Research has discovered cybercriminals exploiting the popular Godot Game Engine to deliver malicious software. Discover the techniques used by attackers and how to protect yourself from these threats. First seen on hackread.com Jump to article: hackread.com/godot-engine-malware-on-windows-macos-linux/
Wie man Videospiel-Engines für Hacking missbraucht

Nov 29, 2024 1:28 PM

Tags: android, hacker, hacking, linux, macOS, malware, open-source, software, windows

Check Point Software Technologies kam einer neuen Hacker-Masche auf die Spur. Mithilfe der Gaming-Engine können Cyberkriminelle verschiedene Betriebssysteme von vernetzten Geräten attackieren, darunter Windows, MacOS, Linux, Android und iOS. Verbreitet wird der schädliche Code von dem Malware-Netzwerk , die Check Point vor einigen Monaten untersucht hatte, über die Open-Source-Plattform Github. In […] First seen on…
Popular game script spoofed to infect thousands of game developers

Nov 29, 2024 1:28 PM

Tags: android, antivirus, attack, crypto, github, linux, macOS, malicious, malware, network, open-source, programming, service, software, tactics, vulnerability, windows

A malware loader, now named GodLoader, has been observed to be using Godot, a free and open-source game engine, as its runtime to execute malicious codes and has dropped known malware on at least 17,000 machines.Unaware users of the engine, which helps create 2D and 3D games and deploy them across various platforms including Windows,…
Source Code Of macOS Banshee Stealer Leaked

Nov 27, 2024 5:11 PM

Tags: data-breach, macOS

First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36643/Source-Code-Of-macOS-Banshee-Stealer-Leaked.html
Banshee Stealer Quellcode geleakt: macOS-Malware unschädlich gemacht

Nov 27, 2024 4:11 PM

Tags: data-breach, macOS, malware

Cyberkriminelle geben auf: Die Malware Banshee Stealer für MacOS wurde nach Veröffentlichung des Quellcodes aufgegeben. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/banshee-stealer-quellcode-geleakt-macos-malware-unschaedlich-gemacht-304847.html
Lazarus Hackers Exploits macOS Extended Attributes To Evade Detection

Nov 27, 2024 4:11 PM

Tags: cyber, data, detection, exploit, group, hacker, lazarus, macOS, malicious, threat, windows

The xattr command in Unix-like systems allows for the embedding of hidden metadata within files, similar to Windows ADS, known as Rustyattr, which is being exploited by threat actors like Lazarus Group to stealthily conceal malicious payloads within seemingly benign files. The Lazarus Group is covertly embedding malicious data within system files using xattr, a…