Mac users urged to update Zoom, after security patch released for previously-flawed security patch

Zoom users on macOS are being told once again to update their copy of the video-conferencing software after a security hole was found that could be exploited by hackers.

Read more in my article on the Hot for Security blog.

Likely state-based hackers infected Hong Kong websites to spy on Apple users, Google says

Suspected foreign government-backed hackers infected websites belonging to a Hong Kong-based media outlet and a pro-democracy group in a bid to install malware on visitors’ Apple devices, Google researchers say. Google’s Threat Analysis Center discovered the watering hole attack in August, which relied on a previously unreported backdoor, or zero-day flaw. “Based on our findings, we believe this threat actor to be a well-resourced group, likely state backed, with access to their own software engineering team based on the quality of the payload code,” Google’s Eyre Hernandez wrote in a blog post on Thursday. While Google didn’t attribute the attackers to a specific nation, China has long been suspected of conducting cyber-espionage and sowing disinformation aimed at democracy advocates in Hong Kong. The hackers relied on a previously known vulnerability in macOS Catalina to set up the backdoor, Google said. Apple patched the zero-day flaw on Sept. 23. The backdoor […]

The post Likely state-based hackers infected Hong Kong websites to spy on Apple users, Google says appeared first on CyberScoop.

Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks

Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.

Apple Accidentally Notarizes Shlayer Malware Used in Adware Campaign

The notarized malware payloads were discovered in a recent MacOS adware campaign, disguised as Adobe Flash Player updates.

Black Hat 2020: ‘Zero-Click’ MacOS Exploit Chain Uses Microsoft Office Macros

At Black Hat 2020, Patrick Wardle disclosed an exploit chain that bypasses Microsoft’s malicious macros protections to infect MacOS users.

What’s new for North Korean hackers? Kaspersky says they’re polishing tools, finding new targets

North Korean government-linked hackers have refined their malware tools and expanded their target lists over the past two years, according to new research from Kaspersky, which says the attackers have devoted “significant resources” to improving their capabilities. In particular, the hackers have aggressively deployed a multi-stage malware framework — which Kaspersky calls MATA — to target Windows, Linux, and macOS operating systems. The framework is capable of deploying more than 15 malware components and has exhibited signs that it allows attackers to move laterally once they have compromised a target network, according to the research. So far, the attackers have used MATA against a software development firm, an e-commerce company and an internet service provider, Kaspersky said. The list of affected countries includes Poland, Germany, Turkey, Japan and India, the researchers said. Based on an analysis of the framework’s filenames and configuration, Kaspersky assesses that the scheme is linked with Lazarus Group, a hacking organization the U.S. government has […]

The post What’s new for North Korean hackers? Kaspersky says they’re polishing tools, finding new targets appeared first on CyberScoop.

Zoom vulnerabilities could give attackers webcam, microphone access

Vulnerabilities discovered in popular video teleconferencing app Zoom could allow attackers to escalate privileges on a computer or allow access to users’ webcams and microphones, according to new research from Jamf Principal Security Researcher Patrick Wardle. It’s just the latest security and privacy issue for Zoom, which has been served with a class-action lawsuit over its data sharing practices, and come under scrutiny from the New York Attorney General’s Office and the FBI. Yet, if you’re already social distancing to avoid the spread of the coronavirus, the two vulnerabilities may not be a primary concern. In order for someone to exploit these zero-days, they would need to have physical access to a machine running Zoom’s MacOS client, according to Wardle. “However if you value either your (cyber) security or privacy, you … should avoid using the macOS version of the app, as neither of these essential values seem to be […]

The post Zoom vulnerabilities could give attackers webcam, microphone access appeared first on CyberScoop.

RSAC 2020: Editors’ Preview of Hottest Sessions, Speakers and Themes

From data privacy to industrial IoT cybersecurity concerns, Threatpost editors discuss the top stories they expect to see at this year’s RSA Conference, which kicks off next week in San Francisco.

Stealthy MacOS Malware Tied to Lazarus APT

Researcher discovered a MacOS trojan hiding behind a fake crypto trading platform believed to be the work of the state-sponsored North Korean hackers behind WannaCry.

Apple patches bug that let hackers jailbreak iOS 12.4

Apple has fixed a vulnerability in the latest iPhone operating system that made it possible for hackers to “jailbreak” a device running that version of iOS. The technology company released the patch on Monday, roughly a week after a security researcher known as Pwn20wnd published a technique that would allow outsiders to obtain root access to devices running iOS 12.4. Jailbreaking allows users to install unauthorized software on a device, a process that can make phones more vulnerable to hacking. It is exceedingly rare for a jailbreak of the latest iOS to be made public. Apple previously had fixed the same bug earlier this year after a Google researcher flagged the bug in a prior version of iOS. Patrick Wardle, principal security researcher at Jamf, a company focused on Apple device security, told CyberScoop that Apple’s reintroduction of the bug was “inexcusable, as it puts millions of iOS users at risk.” Smartphone customers long have sought methods of removing their […]

The post Apple patches bug that let hackers jailbreak iOS 12.4 appeared first on CyberScoop.
