Ads prominently displayed on search engines are impersonating a wide range of online services in a bid to infect Macs with a potent credential stealer, security companies have warned. The latest reported target is users of the LastPass password manager. Late last week, LastPass said it detected a widespread campaign that used search engine optimization… Read More »
Credit: Apple As the video explains: This new process is fundamentally different and more secure than traditional credential export methods, which often involve exporting an unencrypted CSV or JSON file, then manually importing it into another app. The transfer process is user initiated, occurs directly between participating credential manager apps and is secured by local… Read More »
“These enhanced features add to this malware family’s previously known capabilities, like targeting digital wallets, collecting data from the Notes app, and exfiltrating system information and files,” Microsoft wrote. XCSSET contains multiple modules for collecting and exfiltrating sensitive data from infected devices. Microsoft Defender for Endpoint on Mac now detects the new XCSSET variant, and… Read More »
Aurich Lawson reader comments 19 Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of millions or billions of people who installed them, researchers said Monday. The vulnerabilities, which were fixed last October, resided in a “trunk”… Read More »
OpenAI / Apple / Benj Edwards reader comments 125 On Monday, Apple announced it would be integrating OpenAI’s ChatGPT AI assistant into upcoming versions of its iPhone, iPad, and Mac operating systems. It paves the way for future third-party AI model integrations, but given Google’s multi-billion-dollar deal with Apple for preferential web search, the OpenAI… Read More »
Kim et al. reader comments 49 with Researchers have devised an attack that forces Apple’s Safari browser to divulge passwords, Gmail message content, and other secrets by exploiting a side channel vulnerability in the A- and M-series CPUs running modern iOS and macOS devices. iLeakage, as the academic researchers have named the attack, is practical… Read More »
reader comments 39 with End users, admins, and researchers better brace yourselves: The number of apps being patched for zero-day vulnerabilities has skyrocketed this month and is likely to get worse in the following weeks. People have worked overtime in recent weeks to patch a raft of vulnerabilities actively exploited in the wild, with offerings… Read More »
How can you argue against these numbers? 20th Century Fox / Aurich Lawson reader comments 146 with According to one measurement by one firm, Linux reached 3.07 percent market share of global desktop operating systems in June 2023. It’s a notable first for the more than 30-year-old operating system, though other numbers in Statcounter’s chart… Read More »
Getty Images reader comments 42 with Researchers have discovered previously unknown Mac malware infecting a cryptocurrency exchange. It contains a full suite of capabilities, including the ability to steal private data and download and execute new malicious files. Dubbed JokerSpy, the malware is written in the Python programming language and makes use of an open… Read More »
Getty Images reader comments 83 with Share this story Security researchers are examining newly discovered Mac ransomware samples from the notorious gang LockBit, marking the first known example of a prominent ransomware group toying with macOS versions of its malware. Ransomware is a pervasive threat, but attackers typically don’t bother creating versions of their malware… Read More »