121 matches found
Trend Micro Antivirus for Mac Information Disclosure Vulnerability
Trend Micro Antivirus for Mac is a set of antivirus software based on Mac platform from Trend Micro. A security vulnerability exists in Trend Micro Antivirus for Mac 2020 Consumer that stems from an error message information disclosure vulnerability, which can be exploited by an attacker to cause...
Unspecified Vulnerability in Trend Micro Antivirus for Mac (NVD-C-2020-233707)
Trend Micro Antivirus for Mac is a set of antivirus software based on Mac platform from Trend Micro. A security vulnerability exists in Trend Micro Antivirus for Mac 2020 Consumer that originates from the software's susceptibility to a specific kernel extension request attack, which can be...
EvilQuest: Inside A 'New Class' of Mac Malware
The new malware sample discovered this week, dubbed EvilQuest by security researchers, may be ushering in a new class of Mac malware, according to Thomas Reed, director of Mac and mobile with Malwarebytes. While EvilQuest pretends to be ransomware, in the background it’s actually using its...
21 Tips to Stay Secure, Private, and Productive as You Work from Home on Your Mac
Nowadays, Macs are part of the work-from-home workforce during the COVID-19 pandemic. If you’ve brought a Mac from the office to home, it’s likely your IT department has already set it up to meet your company’s security policies. But what if you’re enlisting a Mac already at home to do duty for...
The Sneaky Simple Malware That Hits Millions of Macs
How the Shlayer Trojan topped the macOS malware charts—despite its “rather ordinary” methods...
DEF CON 2019: MacOS Gets a Malware Beatdown in Attack Demo
LAS VEGAS – On Friday, Mac security researcher Patrick Wardle showed how an attacker can repurpose someone else’s Mac malware, create false attribution flags and sidestep Mac anti-malware defenses with ease. The attack scenarios were his own and meant to serve as cautionary examples and reasons w...
Clever Tool Uses Apple’s Videogame Logic Engine to Protect Macs
A new Mac security service called GamePlan uses a system's own indicators, and some videogame magic, to keep a lookout...
Mac malware combines EmPyre backdoor and XMRig miner
Earlier this week, we discovered a new piece of Mac malware that is combining two different open-source tools—the EmPyre backdoor and the XMRig cryptominer—for the purpose of evil. The malware was being distributed through an application named Adobe Zii. Adobe Zii is software that is designed to...
A week in security (October 29 – November 4)
Last week on Malwarebytes Labs, we looked at a rogue cryptocurrency app installing backdoors, took a dive into the world of printer security, explored browser privacy tweaks, highlighted a music festival–themed breach, and introduced Malwarebytes for Chromebook. Other cybersecurity news Memory...
Mac cryptocurrency ticker app installs backdoors
An astute contributor to our forums going by the handle 1vladimir noticed that an app named CoinTicker was exhibiting some fishy behavior over the weekend. It seems that the app is covertly installing not just one but two different backdoors. Behaviors The CoinTicker app, on the surface, appears ...
Mac Mojave Zero-Day Allows Malicious Apps to Access Sensitive Info
A zero-day vulnerability in the brand-new version of the Apple Mojave macOS has been uncovered, which would allow an attacker to access private and confidential information by using an unprivileged app. The flaw was found by Patrick Wardle, co-founder of Digita Security and creator of Objective-S...
Microsoft Lync for Mac CVE-2018-8474 Security Bypass Vulnerability
Description Microsoft Lync for Mac is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Lync for Mac 2011 Recommendations Deploy network intrusion detection system...
Top MacOS App Exfiltrates Browser Histories Behind Users’ Backs
A top-grossing Apple App Store program called Adware Doctor is capable of sidestepping macOS security controls and surreptitiously copying a user’s entire browser history. It then sends it to a China-based domain. According to Patrick Wardle, chief research officer at Digita Security and founder ...
Detect Evil Maid Attacks: Do Not Disturb
Physical access or “evil maid” attacks are some of the most insidious threats faced by those of us who travel with our Macs. Do Not Disturb DND is a free, open-source utility that aims to detect and alert you of such attacks! One of the best ways to compromise a computer is with physical access...
This Week in Security News: Macs, Hacks and Attacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, GitHub was hacked via their official account with cryptocurrency Sycoin. Also, a phishing attack targeting trustee company HealthEquity led ...
Is My Mac Secure from Malware and Viruses?
Do you own a Mac? If so, you might have the common perception that they’re more secure from internet threats than Windows PCs. Unfortunately, this isn’t the case. The truth is that Macs have historically not been targeted by hackers as frequently as Windows systems, simply because there were fewe...
Bypass Glitch Allows Malware to Masquerade as Legit Apple Files
Masquerading as an official Apple system file sounds like a wonderful way for malware to worm its way onto Macs – and a recently discovered code-signing bypass flaw allows bad code to do just that. The way some developers have implemented Apple’s official code-signing API can be exploited by...
Signature Validation Bug Let Malware Bypass Several Mac Security Products
A years-old vulnerability has been discovered in the way several security products for Mac implement Apple's code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers. Josh Pitts, a researcher...
Signature Validation Bug Let Malware Bypass Several Mac Security Products
A years-old vulnerability has been discovered in the way several security products for Mac implement Apple's code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers. Josh Pitts, a researcher...
The state of Mac malware
Mac users are often told that they don't need antivirus software, because there are no Mac viruses. However, this is not true at all, as Macs actually are affected by malware, and have been for most of their existence. Even the first well-known virus—Elk Cloner—affected Apple computers rather tha...