Lucene search
K

121 matches found

Packet Storm
Packet Storm
added 2017/12/05 12:0 a.m.47 views

Arq Backup 5.9.7 Local Root Privilege Escalation

As well as the other bugs affecting Arq = 5.9.6 there is also another issue with the suid-root restorer binaries in Arq for Mac. There are three of them and they are used to execute restores of backed up files from the various cloud providers. After reversing the inter-app protocol I discovered...

1AI score0.01016EPSS
Exploits2
ThreatPost
ThreatPost
added 2017/08/09 2:25 p.m.25 views

Signed Mughthesec Adware Hijacking Macs for Profit

A variant of an older piece of adware built for Macs called OperatorMac has been seen in the wild, and while like most adware it tries to turn a profit, it also illustrates some defensive shortcomings native to Apple’s ecosystem and the industry. Components of the new strain, which is called...

7.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2017/02/08 8:21 a.m.18 views

Macro Malware Comes to macOS

Macro-based malware has crossed the divide between the Windows and Mac platforms. A cybercrime group whose command and control infrastructure resolves to an IP address geo-located in Russia is using a Word document laced with a malicious macro that executes solely on macOS. Following the same...

0.2AI score
Exploits0References2
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.17 views

MS16-015: Description of the security update for Office 2016 for Mac: February 16, 2016

MS16-015: Description of the security update for Office 2016 for Mac: February 16, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

8AI score
Exploits0
ThreatPost
ThreatPost
added 2016/10/07 7:0 a.m.14 views

Free Tool Protects Mac Users from Webcam Surveillance

DENVER—Hijacking a user’s webcam is one of the more dastardly tactics used for surveillance. In most cases the attacker can use a number of different webcam-aware malware samples to quietly turn on and record audio and video from the target’s machine. Doing so, however, also turns on the embedded...

0.1AI score
Exploits0References6
Microsoft KB
Microsoft KB
added 2016/08/09 7:0 a.m.40 views

MS16-099: Description of the security update for Office 2016 for Mac: August 22, 2016

MS16-099: Description of the security update for Office 2016 for Mac: August 22, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...

9.3CVSS7.3AI score0.49831EPSS
Exploits6
CNVD
CNVD
added 2015/12/13 12:0 a.m.3 views

Apple OS X Keychain Entry Access Vulnerability

Apple OS X is an operating system developed by Apple Inc. Apple OS X has a security vulnerability that allows an attacker to exploit the vulnerability to access the target user's Keychain entries and obtain sensitive information...

4.3CVSS6.6AI score0.01498EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2015/04/23 2:35 p.m.8 views

Bypassing OSX Security Tools is Trivial, Researcher Says

SAN FRANCISCO–For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple...

Exploits0References2
Symantec
Symantec
added 2015/04/14 12:0 a.m.31 views

Microsoft Outlook App for Mac CVE-2015-1639 Cross Site Scripting Vulnerability

Description Microsoft Outlook App for Mac is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. Th...

4.3CVSS7.7AI score0.09483EPSS
Exploits0Affected Software2
ThreatPost
ThreatPost
added 2012/07/17 7:24 p.m.10 views

Mac Security: How Threats Against OS X Have Escalated

In this special edition Threatpost editor-in-chief Dennis Fisher talks with founding editor, Ryan Naraine about Mac security. They discuss why it took longer for the security community to understand the vulnerabilities of the Mac and when these conversations started. You’ll hear how cybercriminal...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2012/04/24 7:23 p.m.7 views

New Flashback malware variant found in the wild

New Flashback malware variant found in the wild A new Flashback Trojan has been discovered that infects Macs without prompting the user for a password. If you haven't updated Java on your Mac, or disabled it entirely, you could be a victim. The new variant dubbed Flashback.S is actively being...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2012/04/16 1:4 p.m.11 views

New Mac Malware, SabPub, Used In Targeted Attacks

Researchers at Kaspersky Lab says a new malicious program, dubbed SabPub, exploits the same Java security hole as the Flashback Trojan and enables targeted attacks against Mac users. The new malware was identified in a blog post by Kaspersky Lab expert Costin Raiu on Saturday and is described as ...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/04/10 8:4 p.m.6 views

Ryan Naraine and Costin Raiu on Flashback and Mac Security

Dennis Fisher talks with Ryan Naraine and Costin Raiu about the Flashback Mac botnet, why Apple is reluctant to let third parties update software on Macs and the future outlook for the security of Macs. Podcast audio courtesy of sykboy65 Subscribe to the Digital Underground podcast on...

1.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/02/24 2:23 p.m.8 views

New Version of Flashback Mac Trojan Found Using Java Exploits

A new version of the Flashback Trojan that targets Macs has appeared, and this one uses a drive-by download technique to attempt exploits of two Java vulnerabilities. The Flashback.G malware also tries to trick users into accepting a fake digital certificate, which will install the malware if the...

1.9AI score
Exploits0References4
The Hacker News
The Hacker News
added 2011/06/04 6:30 a.m.5 views

F-Secure Releases Anti-Virus For Mac

F-Secure Releases Anti-Virus For Mac Key Features Easier and faster to use Designed with performance in mind Reliable protection Real-time antivirus protection, automated malware removal logic Easy to take into use Panic button Instantly block all traffic except update servers F-Secure Anti-Virus...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2010/02/09 3:2 p.m.13 views

Dino Dai Zovi, Endgame Systems

I’m always fascinated by people who are prodigies in their field, and I think Dino probably falls into that category. He’s been in the top tier of offensive security researchers for several years, having worked at both @stake and Matasano, is known as one of the top Apple hackers in the game, has...

1.7AI score
Exploits0
NVD
NVD
added 2009/11/11 8:30 p.m.28 views

CVE-2009-3130

Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format aka BIFF record that triggers memory corruption, ak...

9.3CVSS7.9AI score0.28934EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2009/06/03 4:6 p.m.9 views

Rich Mogull on Mac security, the Cybersecurity Czar and Project Quant

Dennis Fisher talks with Securosis founder Rich Mogull about Mac security, Obama’s cybersecurity plan and his Project Quantpatch-management work with Microsoft. Download Subscribe to the Digital Underground podcast on Podcast audio courtesy of sykboy65...

2.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2009/04/28 3:1 p.m.14 views

15 easy fixes for Mac security risks

From Computerworld Ryan Faas One of the commonly touted advantages to using a Mac is that it’s more secure and less prone to malware than a PC running Windows. It’s easy to see where this attitude comes from: The prevalence of viruses and network attacks against Windows machines is greater by...

1.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/10/22 12:0 a.m.13 views

Mac Software Update DNS Query Detection

Binary data 4719.prm...

7.3AI score
Exploits0
Rows per page
Query Builder