Found 355 bookmarks
Custom sorting
The Hidden Treasures of Crash Reports
The Hidden Treasures of Crash Reports
Sadly, nobody really loves crash reports, but I’m here to change that! This research, a crash course on crash reports, will highlight how these often overlooked files are an invaluable source of information, capable of revealing malware infections, exploitation attempts, or even buggy (exploitable?) system code. Such insights are critical for defense and offense, empowering us to either protect or exploit macOS systems.
#objective-see#EN#2024#crash-report#course#Hidden#analysis#macos
·objective-see.org·
The Hidden Treasures of Crash Reports
Apple Rolls Out Security Updates for iOS, macOS
Apple Rolls Out Security Updates for iOS, macOS
Apple on Monday announced a hefty round of security updates that address dozens of vulnerabilities impacting both newer and older iOS and macOS devices. iOS 17.6 and iPadOS 17.6 were released for the latest generation iPhone and iPad devices with fixes for 35 security defects that could lead to authentication and policy bypasses, unexpected application termination or system shutdown, information disclosure, denial-of-service (DoS), and memory leaks.
#securityweek#EN#2024#macos#ios#ipados#Security#Updates#for#iOS#iOS17.6
·securityweek.com·
Apple Rolls Out Security Updates for iOS, macOS
Malicious Python Package Targets macOS Developers
Malicious Python Package Targets macOS Developers
  • A package called “lr-utils-lib” was uploaded to PyPi in early June 2024, containing malicious code that executes automatically upon installation. The malware uses a list of predefined hashes to target specific macOS machines and attempts to harvest Google Cloud authentication data. The harvested credentials are sent to a remote server.
#checkmarx#EN#2024#macOS#stealer#Supply-chain-attack#PyPI#pypi-malware#lr-utils-lib#developpers
·checkmarx.com·
Malicious Python Package Targets macOS Developers
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications
  • E.V.A Information Security researchers uncovered several vulnerabilities in the CocoaPods dependency manager that allows any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and MacOS applications. These vulnerabilities have since been patched. Such an attack on the mobile app ecosystem could infect almost every Apple device, leaving thousands of organizations vulnerable to catastrophic financial and reputational damage. One of the vulnerabilities could also enable zero day attacks against the most advanced and secure organizations’ infrastructure. Developers and DevOps teams that have used CocoaPods in recent years should verify the integrity of open source dependencies used in their application code. * Dependency managers are an often-overlooked aspect of software supply chain security. Security leaders should explore ways to increase governance and oversight over the use these tools.
#evasec#EN#2024#CocoaPods#Supply#Chain#Attacks#macOS#iOS#CVE-2024-38368
·evasec.io·
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications
Des cybercriminels diffusent des maliciels pour macOS au nom d’AGOV
Des cybercriminels diffusent des maliciels pour macOS au nom d’AGOV
28.06.2024 - Le soir du 27 juin 2024, des cybercriminels ont lancé une campagne de « malspam » à grande échelle contre des citoyennes et citoyens de Suisse alémanique. Par le biais d’un e-mail dont l’expéditeur présumé est AGOV, ils tentent d’infecter les appareils des utilisatrices et utilisateurs de macOS avec un maliciel (malware en anglais) du nom de « Poseidon Stealer ».
#ncsc#admin.ch#FR#CH#suisse#campagne#malspam#macOS#AGOV#PoseidonStealer
·ncsc.admin.ch·
Des cybercriminels diffusent des maliciels pour macOS au nom d’AGOV
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Analyzing a watering hole campaign using macOS exploits
Analyzing a watering hole campaign using macOS exploits
To protect our users, TAG routinely hunts for 0-day vulnerabilities exploited in-the-wild. In late August 2021, TAG discovered watering hole attacks targeting visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group. The watering hole served an XNU privilege escalation vulnerability (CVE-2021-30869) unpatched in macOS Catalina, which led to the installation of a previously unreported backdoor.
#macOS#EN#google#wateringhole#exploit#CVE-2021-30869
·blog.google·
Analyzing a watering hole campaign using macOS exploits
Why is the Zoom app listening on my microphone...
Why is the Zoom app listening on my microphone...
I'm running MacOS Monterey. Several times in the last few weeks, I've noticed the orange dot indicating the microphone is being used by an app, and I click on the Control Center and see that Zoom is accessing the microphone. I'm not in a meeting and simply have the Zoom app open. Why would Zoom be accessing the microphone when I'm not in a meeting?
#zoom#EN#macOS#bug#microphone
·community.zoom.com·
Why is the Zoom app listening on my microphone...
Malicious Go Binary Delivered via Steganography in PyPI
Malicious Go Binary Delivered via Steganography in PyPI
On May 10, 2024, Phylum’s automated risk detection platform alerted us to a suspicious publication on PyPI. The package was called requests-darwin-lite and appeared to be a fork of the ever-popular requests package with a few key differences, most notably the inclusion of a malicious Go binary packed into
#phylum#EN#2024#Steganography#macOS#Go
·blog.phylum.io·
Malicious Go Binary Delivered via Steganography in PyPI
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)