Infostealer AMOS will Cookies, Passwörter und Autofills – von macOS

Credit to Author: Jörg Schindler| Date: Tue, 10 Sep 2024 09:00:41 +0000

Seit Langem hält sich der Glaube, dass das macOS-Betriebssystem weniger anfällig für Schadsoftware ist als Windows. Das mag an der geringeren Marktdominanz liegen und verschiedenen eigenen Sicherheitsfeatures, die von den Malware-Entwicklern andere Ansätze verlangen. Man ging davon aus, dass hier nur unkonventionelle Attacken und Schadsoftware eine Chance hätten. Diese Annahme ist nun endlich passé. Mainstream-Schadsoftware […]

Read more

New macOS vulnerability, “HM Surf”, could lead to unauthorized data access

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 17 Oct 2024 16:00:00 +0000

Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a […]

The post New macOS vulnerability, “HM Surf”, could lead to unauthorized data access appeared first on Microsoft Security Blog.

Read more

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 08 Aug 2024 18:00:00 +0000

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.

The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog.

Read more

JAMF warns: Many Apple-using businesses still aren’t secure

Your enterprise security does not live in isolation — the threat environment extends across all your colleagues, partners, and friends.

That’s why it’s very concerning that so many businesses continue to fail to meet basic security hygiene standards, according to the latest Security 360 report from Jamf.

Data is gold, which attackers recognize — even many in business don’t. Every stolen address, email, phone number, name, or even passport number is an ID attack waiting to happen, a path to enable a more complex phishing scam, or just an opportunity to call someone up and claim the target has a problem with their computer that they can help them with.

To read this article in full, please click here

Read more

Apple is ramping up its fight against malware

Ensuring platform security is hard, but when a company the stature of Apple begins to ramp up protection of its ecosystem, every IT decision maker should pay attention. Unfortunately, this is precisely what’s happening: Apple is now updating fundamental protection at a faster clip than it’s ever done before.

Apple’s security teams are alert

That important revelation comes from Howard Oakley at the excellent Eclectic Light Company blog. He notes that in the six weeks ending Feb. 9 Apple, has updated a Mac security feature called XProtect five times — introducing 11 new rules to the service.

To read this article in full, please click here

Read more

Attacks against personal data are up 300%, Apple warns

Read more