Tag: macOS
-
Apple Bug Allows Root Protections Bypass Without Physical Access
Emergent macOS vulnerability lets adversaries circumvent Apple’s System Integrity Protection (SIP) by loading third-party kernels. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-bug-root-protections-bypass-physical-access
-
Apple Patches Flaw That Allows Kernel Security Bypassing
Microsoft Uncovered Flaw That Affects macOS System Integrity Protection Feature. Apple patched a vulnerability that allows hackers to bypass a key security feature in macOS by through third-party kernel extensions. Microsoft researchers uncovered the flaw tracked as CVE-2024-44243. The flaw could enable hackers to install rootkits and create malware with privileged access. First seen on…
-
New bug lets attackers bypass macOS system integrity protection
Tags: macOSFirst seen on scworld.com Jump to article: www.scworld.com/news/new-bug-lets-attackers-bypass-macos-system-integrity-protection
-
Malicious kernel driver deployment possible via macOS vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/malicious-kernel-driver-deployment-possible-via-macos-vulnerability
-
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug First…
-
macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-macos-bug-lets-hackers-install-malicious-kernel-drivers/
-
Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known as CVE-2024-44243, this vulnerability could be exploited to load third-party kernel extensions, resulting in severe security implications for macOS users. Apple released a patch for this vulnerability as part of its December 11, 2024, security…
-
Anwendung blockiert: MacOS stuft Docker Desktop als Malware ein
Einige Dateien von Docker Desktop für MacOS wurden falsch signiert, so dass Nutzer eine Malware-Warnung erhalten. Eine echte Gefahr besteht nicht. First seen on golem.de Jump to article: www.golem.de/news/anwendung-blockiert-docker-desktop-unter-macos-als-malware-eingestuft-2501-192366.html
-
PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)
A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498. This vulnerability poses a significant security risk by allowing malicious applications to bypass the macOS Sandbox, a key security feature designed to isolate app activity and protect sensitive system resources. Details of CVE-2024-54498 The vulnerability, classified ashigh severitywith…
-
Neue und verbesserte Version des Banshee-Stealers nimmt MacOS-Nutzer ins Visier
Check Point Software Technologies warnt vor einer neuen und verbesserten Version des Banshee-Stealers. Er nimmt MacOS-Nutzer ins Visier, was bedeutet, dass über 100 Millionen Anwender bedroht sind. Banshee tauchte mitten im Jahr 2024 als Stealer-as-a-Service für 3.000 US-Dollar als Mietmodell auf. Die Malware nutzte ab September sogar die Funktion String-Encryption aus Apples eigenem Programm XProtect,…
-
New Banshee Stealer variant continues attacks on macOS devices
First seen on scworld.com Jump to article: www.scworld.com/news/new-banshee-stealer-variant-continues-attacks-on-macos-devices
-
Banshee macOS stealer supports new evasion mechanisms
Experts found a new version of the Banshee macOS information stealer which was enhanced with new evasion mechanisms. Check Point researchers discovered a new version of the Banshee macOS infostealer which is distributed through phishing websites and fake GitHub repositories, often masqueraded as popular software. In August 2024, Russian crooks advertised a macOS malware called…
-
Docker Desktop blocked on Macs due to false malware alert
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/
-
Banshee macOS Malware Expands Targeting
The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian language installed. The post Banshee macOS Malware Expands Targeting appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/banshee-macos-malware-expands-target-list/
-
Malware targets Mac users by using Apple’s security tool
A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm.A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
-
Banshee Stealer Hits macOS Users via Fake GitHub Repositories
SUMMARY Cybersecurity researchers at Check Point detected a new version of Banshee Stealer in late September 2024, distributed… First seen on hackread.com Jump to article: hackread.com/banshee-stealer-hits-macos-fake-github-repositories/
-
Banshee stealer evades detection using Apple XProtect encryption algo
A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple’s XProtect. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/banshee-stealer-evades-detection-using-apple-xprotect-encryption-algo/
-
Microsoft fixes OneDrive bug causing macOS app freezes
Microsoft has fixed a known issue causing macOS applications to freeze when opening or saving files in OneDrive. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-onedrive-bug-causing-macos-app-freezes/
-
Banshee Stealer Variante zielt auf macOS-User ab
Tags: macOSSicherheitsforscher haben eine neue Variante der auf macOS ausgerichteten Schadsoftware namens Banshee Stealer entdeckt. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/cyberangriffe/banshee-stealer-variante-zielt-auf-macos-user-ab-307523.html
-
Banshee Stealer variant targets Russian-speaking macOS users
The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/09/banshee-stealer-variant-targets-russian-speaking-macos-users/
-
Banshee: The Stealer That >>Stole Code<< From MacOS XProtect
Tags: macOSesearch by:Antonis Terefos (@Tera0017) Key Points Introduction As of 2024, approximately 100.4 million people worldwide use macOS, accounting for 15.1% of the global PC market. Of the millions of macOS users, many falsely assume that their systems are inherently secure from malware. This perception stems from macOS’s Unix-based architecture and historically lower market share, making…
-
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer.”Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development allows it to…
-
iTerm2 Emulator Vulnerability Let Attackers Access Sensitive User Data
A critical vulnerability discovered in the popular macOS terminal emulator iTerm2 has raised concerns among cybersecurity experts and software users. The flaw, which could allow malicious attackers to access sensitive user data, underscores the importance of timely updates and vigilant software management. Vulnerability Details Security researchers disclosed the details of the vulnerability late last week.…
-
KI: Datenschutzbedenken bei neuer Fotosuchfunktion von Apple
In iOS 18 und MacOS 15 gibt es eine standardmäßig aktivierte Funktion namens erweiterte visuelle Suche in der Foto-App. Die wirft Datenschutzbedenken auf. First seen on golem.de Jump to article: www.golem.de/news/ki-training-datenschutzbedenken-bei-neuer-fotosuchfunktion-von-apple-2412-192016.html
-
KI-Training: Datenschutzbedenken bei neuer Fotosuchfunktion von Apple
In iOS 18 und MacOS 15 gibt es eine standardmäßig aktivierte Funktion namens erweiterte visuelle Suche in der Foto-App. Die wirft Datenschutzbedenken auf. First seen on golem.de Jump to article: www.golem.de/news/ki-training-datenschutzbedenken-bei-neuer-fotosuchfunktion-von-apple-2412-192016.html
-
Apple Intelligence raises stakes in privacy and security
Apple’s latest innovation, Apple Intelligence, is redefining what’s possible in consumer technology. Integrated into iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1, this milestone puts advanced artificial intelligence (AI) tools directly in the hands of millions. Beyond being a breakthrough… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/apple-intelligence-raises-stakes-in-privacy-and-security/
-
NotLockBit Previously Unknown Ransomware Attack Windows macOS
A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in the cybersecurity landscape, closely mimicking the behavior and tactics of the notorious LockBit ransomware. NotLockBit notably distinguishes itself by being one of the first ransomware strains designed to effectively attack both macOS and Windows operating systems, showcasing powerful cross-platform capabilities.…
-
Foxit PDF Editor und Reader: Attacken über präparierte PDF-Dateien möglich
PDF-Anwendungen von Foxit sind unter macOS und Windows verwundbar. Sicherheitsupdates stehen bereit. First seen on heise.de Jump to article: www.heise.de/news/Foxit-PDF-Editor-und-Reader-Attacken-ueber-praeparierte-PDF-Dateien-moeglich-10211267.html
-
Apple stopft schwere Sicherheitslücken, kein Patch für iOS 17
Apples jüngste Updates schließen viele Schwachstellen in iOS, macOS und iPadOS, darunter kritische. Für iOS 17 gibt es wohl keine Patches mehr. First seen on heise.de Jump to article: www.heise.de/news/Apple-stopft-schwere-Sicherheitsluecken-kein-Patch-fuer-iOS-17-10196897.html