Critical macOS High Sierra bug allows easy root access
If you’re using a Mac, and are running macOS High Sierra, drop everything that you’re doing and go and apply this update. Why? What’s happening? Turkish …
Apple protects its Wi-Fi enabled devices from KRACK attack
Apple has released security updates for its many popular products, and has finally plugged the recently unveiled WPA2 flaws that allow attackers to extract sensitive …
MacOS Proton backdoor delivered via Trojanized media player app
A Trojanized version of Elmedia Player software for Mac was available for download for who knows how long from the developer’s official site, ESET researchers have …
Is your Mac software secure but firmware vulnerable?
Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo …
Stealthy Mughthesec Mac adware exposed: What it does, how to protect yourself
Mac malware is still a rare occurrence, so it’s no wonder that some of it can lurk, unnoticed for months, on random machines. The latest example falls more in the …
MacOS malware used to spy on home users in the US
A new variant of the macOS malware Fruitfly has been found by security researcher Patrick Wardle on some 400 machines of (mostly) home users located in the US. Fruitfly: The …
Apple patches critical Broadpwn vulnerability in its various OSes
Apple has released security updates for iOS, macOS (Sierra, El Capitan, and Yosemite), Safari, iCloud, iTunes, watchOS and tvOS. As per usual, the same fixed Webkit flaws …
The future of macOS security: Baked-in protection and third-party tools
Anyone in the information security industry who’s interested in Mac security probably knows who Patrick Wardle is. Apart from being Chief Security Researcher at Synack, …
Swiss users targeted with Windows, macOS banking Trojan
Swiss users are once again hit with emails delivering banking malware, for both Windows and macOS systems. Trend Micro researchers believe the campaign to have been mounted by …
End-to-end email encryption with no central point of attack
A seamless, easy-to-use, and secure end-to-end encrypted business collaboration tool with no central point of attack is a holy grail for every business, and Boston-based …
Two Mac malware-as-a-Service offerings uncovered
Two pieces of Mac malware – MacRansom and MacSpy – that seem to be created by the same developer are being offered for sale through two separate dark web portals. …
Critical Samba code execution hole plugged, patch ASAP!
The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility