macOS Archives - ThreatsHub Cybersecurity News

New macOS vulnerability, “HM Surf”, could lead to unauthorized data access

October 17, 2024 TH Author macOS

Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data. The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a […]
The post New macOS vulnerability, “HM Surf”, could lead to unauthorized data access appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

August 8, 2024 TH Author Android, macOS, Windows

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Unraveling the techniques of Mac ransomware

January 5, 2023 TH Author Cybersecurity, macOS, Microsoft security intelligence, ransomware

Understanding how Mac ransomware works is critical in protecting today’s hybrid environments. We analyzed several known Mac ransomware families and highlighted these families’ techniques, which defenders can study further to prevent attacks.
The post Unraveling the techniques of Mac ransomware appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability

December 19, 2022 TH Author Cybersecurity, macOS, Microsoft, Microsoft security intelligence, Security, Vulnerability

Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706

July 13, 2022 TH Author Cybersecurity, macOS, Microsoft security intelligence, Vulnerabilities

Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
The post Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

The evolution of a Mac trojan: UpdateAgent’s progression

February 2, 2022 TH Author adware, Cybersecurity, macOS, Microsoft 365 Defender, Microsoft security intelligence, UpdateAgent

Our discovery and analysis of a sophisticated Mac trojan in October exposed a year-long evolution of a malware family—and depicts the rising complexity of threats across platforms.
The post The evolution of a Mac trojan: UpdateAgent’s progression appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

New macOS vulnerability, “powerdir,” could lead to unauthorized user data access

January 10, 2022 TH Author Cybersecurity, macOS, Microsoft security intelligence, poc, TCC, Vulnerability

A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data. We shared our findings with Apple through Coordinated Vulnerability Disclosure (CVD) and Apple released a fix.
The post New macOS vulnerability, “powerdir,” could lead to unauthorized user data access appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection

October 28, 2021 TH Author CVE-2021-30892, Cybersecurity, macOS, Microsoft Defender for Endpoint on Mac, Microsoft security intelligence, Vulnerability

Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.
The post Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection appeared first on Microsoft Security Blog. READ MORE HERE…

Networkworld

Amid the pandemic, using trust to fight shadow IT

May 20, 2020 TH Author Android, Hardware, IDG Insider, ios, macOS, Mobile Management, Security, Software, Windows

With most workers scattered at home and trying to come up with their own ad-hoc IT workarounds, there’s an easy way for IT shops to build trust: communicate. (Insider Story) READ MORE HERE…

TrendMicro

Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability

February 21, 2019 TH Author AV-TEST, Consumer, macOS

Current and potential users of the latest edition of Trend Micro Antivirus for Mac (v9.0, for 2019) will be pleased to know that it achieved MacOS Certification and top scores in all three categories in the recent AV-TEST Product Review and Certification Report – Dec/2018. Trend Micro Antivirus for Mac was tested against eight other…
The post Trend Micro Antivirus for Mac 2019 is Certified by AV-TEST with Top Scores for Protection, Performance, and Usability appeared first on . Read More HERE…

← Previous