726 matches found
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-003)
The remote host is running Mac OS X 10.12.6 or Mac OS X 10.13.6 and is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An application may be able to read restricted memory CVE-2019-8603, CVE-2019-8560 - An application may be able to execute arbitrary code wit...
Apple macOS Mojave Bom Security Bypass Vulnerability
Apple macOS Mojave is a specialized operating system developed by Apple for Mac computers.Bom is a Byte Order Mark component. A security vulnerability exists in the Bom component of Apple macOS Mojave versions prior to 10.14.4. An attacker can exploit this vulnerability with a malicious applicati...
How does macOS protect against malware?
Mac users often are told that "Macs don't get viruses." This is not really true, of course. Macs can and do get infected. However, it is true that macOS provides some basic protection against malware. This protection can be quite effective in some ways, but, unfortunately, quite ineffective in...
Beware!! New Windows .exe Malware Found Targeting macOS Computers
A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac...
Beware!! New Windows .exe Malware Found Targeting macOS Computers
A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac...
Mail.ru: ICQ for macOS: lack of `com.apple.quarantine` meta-attribute on downloaded files leads to GateKeeper/Quarantine bypass for downloaded executables
Summary Quarantine & GateKeeper are important macOS security mechanisms, which prevent user/device from running unsigned executables and warn users about executables downloaded from the remote. Conceptually, Quarantine & GateKeeper are similar to MOTW on Windows. Applications that could download...
Slack: User-assisted RCE in Slack for macOS (from official site) due to improper quarantine meta-attribute handling for downloaded files
Summary GateKeeper/Quarantine bypass for downloaded files Lack of com.apple.quarantine meta-attribute for downloaded files allows a remote attacker to send an executable file that won't be checked by Gatekeeper . File opening doesn't trigger native alerts from GateKeeper/Quarantine Downloaded...
Persistent XSRF on Kubernetes Dashboard using Redhat Keycloak Gatekeeper on Microsof Azure
tl;dr I found an XSRF in the OAuth implementation of Redhat Keycloak Gatekeeper. This would be a bit worse for people using Gatekeeper to protect their Kubernetes Dashboard especially in Microsof Azure. The Issue in Keycloak Gatekeeper Keycloak Gatekeeper is an OpenID Proxy service for Keycloak, ...
Keybase: Keybase client: downloaded executables lack "com.apple.quarantine" meta-attribute [macOS]
Summary 1. Missing quarantine attribute for downloaded files allows remote attacker to send executable file that won't be checked by Gatekeeper codesign bypass. 2. Since sent executable files lack com.apple.quarantine meta-attribute, no alert about launching executable file from the web will be...
Brave Software: Lack of quarantine meta-attribute for downloaded files leads to GateKeeper bypass
Summary: Executable files downloaded through Brave don't have quarantine attribute. That means it's possible to launch any executable bypassing codesigning + quarantine. However, later I found that Brave has already tracked similar report but only in the context of .pkg files. Additionally, Brave...
Is My Mac Secure from Malware and Viruses?
Do you own a Mac? If so, you might have the common perception that they’re more secure from internet threats than Windows PCs. Unfortunately, this isn’t the case. The truth is that Macs have historically not been targeted by hackers as frequently as Windows systems, simply because there were fewe...
Multiple F-Secure Internet Gatekeeper Products Information Disclosure Vulnerabilities
F-Secure Internet Gatekeeper is an antivirus product released by a Finnish antivirus vendor. An information disclosure vulnerability exists in several F-Secure Internet Gatekeeper products. An attacker could obtain sensitive information and launch other attacks...
On the macOS Keychain Attack, Signal’s New Contact Service, the Deloitte Hack, and More
Mike Mimoso and Chris Brook recap the news of the week, including the macOS Keychain attack, Signal’s new private contact discovery service, the Deloitte hack, and a handful of mobile stock trading app vulnerabilities. Download: ThreatpostNewsWrapSeptember292017.mp3 Music by Chris Gonsalves Show...
Gatekeeper Alone Won’t Mitigate Apple Keychain Attack
Apple’s advice to rely on Gatekeeper as a mitigation against a Keychain attack disclosed this week by researcher Patrick Wardle doesn’t fully address the risk. Experts, Wardle included, said that while Gatekeeper is a solid measure in preventing unsigned code from executing on a macOS machine, it...
macOS High Sierra Available—And Vulnerable to Keychain Attack
Apple made its latest OS update available Monday, but the release of High Sierra was tainted somewhat by the fact it comes replete with a critical vulnerability that allows an attacker to dump plaintext passwords from the macOS Keychain. Researcher Patrick Wardle, chief security researcher at...
Signed Mughthesec Adware Hijacking Macs for Profit
A variant of an older piece of adware built for Macs called OperatorMac has been seen in the wild, and while like most adware it tries to turn a profit, it also illustrates some defensive shortcomings native to Apple’s ecosystem and the industry. Components of the new strain, which is called...
Apple Revokes Certificate Used By OSX/Dok Malware
Apple revoked a legitimate developer certificate used by hackers behind malware dubbed OSX/Dok, which was able to eavesdrop on secure HTTPS traffic of infected systems. On Sunday, Apple also rolled out an update to its XProtect built-in antimalware software to fend off existing and upcoming...
New MacOS Malware, Signed With Legit Apple ID, Found Spying On HTTPS Traffic
Many people believe that they are much less likely to be bothered by malware if they use a Mac computer, but is it really true? Unfortunately, No. According to the McAfee Labs, malware attacks on Apple's Mac computers were up 744% in 2016, and its researchers have discovered nearly 460,000 Mac...
Apache MyFaces Trinidad CVE-2016-5019 Remote Code Execution Vulnerability
Description Apache MyFaces Trinidad is prone to a security vulnerability. Successfully exploiting this issue allows attackers to obtain sensitive information or execute arbitrary code in the context of the affected application. Apache MyFaces Trinidad 1.2.14-core , 1.0.13-core , 2.0.1-core and...
Patrick Wardle on macOS Gatekeeper, Crypto Enhancements
At last week’s Apple Worldwide Developer Conference, Apple announced some security upgrades around Gatekeeper and a new filesystem that includes native support for encryption. Mac hacker Patrick Wardle, director of research at Synack, explains whether this a big deal and how the upgrades address...