/ Security Assessments News /

Apple said it has pushed a silent macOS update that removes the undocumented webserver that was installed by the Zoom conferencing app for Mac. The webserver accepts connections from any device connected to the same local network, a security researcher disclosed on Monday. The server continues to run even when a Mac user uninstalls Zoom. …

/ Security News /

If you use Zoom video conferencing software on your Mac computer—then beware—any website you’re visiting in your web browser can turn on your device camera without your permission. Ironically, even if you had ever installed the Zoom client on your device and simply uninstalled it, a remote attacker can still activate your webcam. Zoom is …

/ Security News /

Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple’s macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month. Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute untrusted code …

/ Security News /

EXCLUSIVE — While revealing details of a massive supply chain cyber attack against ASUS customers, Russian security firm Kaspersky last week didn’t release the full list all MAC addresses that hackers hardcoded into their malware to surgically target a specific pool of users. Instead, Kaspersky released a dedicated offline tool and launched an online web …

/ Security News /

Brace yourself guys. Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Sounds crazy, right? But it’s true. Microsoft Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well—and to more platforms soon, like Linux. As a result, the technology giant renamed its …

/ Security News /

Mac users need to beware of a newly discovered piece of malware that steals their web browser cookies and credentials in an attempt to withdraw funds from their cryptocurrency exchange accounts. Dubbed CookieMiner due to its capability of stealing cookies-related to cryptocurrency exchanges, the malware has specifically been designed to target Mac users and is …

/ Security News /

German police are seeking your help in gathering information related to a MAC address that could lead to the cell phone device used by a DHL blackmailer who last year parceled out bombs at different addresses in Brandenburg and Berlin. Between November 2017 and April 2018, someone used German parcel delivery service DHL to sent …

/ Security News /

A highly popular top-tier app in Apple’s Mac App Store that’s designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China. What’s more concerning? Even after Apple was warned a month ago, the company did …

/ Security News /

A years-old vulnerability has been discovered in the way several security products for Mac implement Apple’s code-signing API that could make it easier for malicious programs to bypass the security check, potentially leaving millions of Apple users vulnerable to hackers. Josh Pitts, a researcher from security firm Okta, discovered that several third-party security products for …

/ Security News /

It turns out that macOS client for the popular end-to-end encrypted messaging app Signal fails to properly delete disappearing (self-destructing) messages  from the recipient’s system, leaving the content of your sensitive messages at risk of getting exposed. For those unaware, the disappearing messages in Signal self-destruct after a particular duration set by the sender, leaving …