54 matches found
EUVD-2020-5372
Malware in sbrugna...
EUVD-2016-9500
Malware in sbrugna...
EUVD-2019-4586
Malware in sbrugna...
EUVD-2017-11818
Malware in sbrugna...
EUVD-2019-4587
Malware in sbrugna...
CVE-2020-13095
Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root...
CVE-2019-13014
Little Snitch version 4.4.0 fixes a vulnerability in a privileged helper tool. However, the operating system may have made a copy of the privileged helper which is not removed or updated immediately. Computers may therefore still be vulnerable after upgrading to 4.4.0. Version 4.4.1 fixes this...
CVE-2019-13013
Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their privileged helper tool. The privileged helper tool implements an XPC interface which is available to any process and allows directory listings and copying files as root...
MacOS Malware: Myth vs. Truth – Podcast
Remember those ads with a sneezing guy in a suit who says he’s a PC and to stay away, he’s got that nasty virus that’s going around? “That’s OK,” says the young, hip guy in blue jeans: He’s a Mac. … as if any machine that runs code could possibly be immune to malware…? Boy, was that a stretch. Th...
Bypassing Little Snitch Firewall with Empty TCP Packets
The post Bypassing Little Snitch Firewall with Empty TCP Packets appeared first on Rhino Security Labs...
Apple Removes macOS Feature That Allowed Apps to Bypass Firewall Security
Apple has removed a controversial feature from its macOS operating system that allowed the company's own first-party apps to bypass content filters, VPNs, and third-party firewalls. Called "ContentFilterExclusionList," it included a list of as many as 50 Apple apps like iCloud, Maps, Music,...
A New Ransomware Targeting Apple macOS Users Through Pirated Apps
Cybersecurity researchers this week discovered a new type of ransomware targeting macOS users that spreads via pirated apps. According to several independent reports from K7 Lab malware researcher Dinesh Devadoss, Patrick Wardle, and Malwarebytes, the ransomware variant — dubbed "EvilQuest" — is...
Objective Development Software Little Snitch Backlink Vulnerability
Objective Development Software Little Snitch is a host-based firewall for macOS apps from Objective Development Software of Austria. A backlink vulnerability exists in Objective Development Software Little Snitch 4.5.1 and earlier versions, which can be exploited by an attacker to elevate...
EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities
A rare new ransomware strain targeting macOS users has been discovered, called EvilQuest. Researchers say the ransomware is being distributed via various versions of pirated software. EvilQuest, first discovered by security researcher Dinesh Devadoss, goes beyond the normal encryption capabilitie...
Design/Logic Flaw
Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root...
CVE-2020-13095
Little Snitch
New Mac ransomware spreading through piracy
Editor’s note: The original name for the malware, EvilQuest, has been changed due to a legitimate game of the same name from 2012. The new name, ThiefQuest, is also more fitting for our updated understanding of the malware. A Twitter user going by the handle @beatsballert messaged me yesterday...