Malware caught using a macOS zero-day to secretly take screenshots
Almost exactly a month ago, researchers revealed a notorious malware family was exploiting a never-before-seen vulnerability that let it bypass macOS security defenses and run unimpeded. Now, some of the same researchers say another malware can sneak onto macOS systems, thanks to another vulnerability.
Jamf says it found evidence that the XCSSET malware was exploiting a vulnerability that gave it access to parts of macOS that require permission, such as the microphone, the webcam or screen recording, without ever getting consent.
XCSSET was first discovered by Trend Micro in 2020 targeting Apple developers, specifically their Xcode projects that they use to code and build apps. By infecting those app development projects, developers unwittingly distribute the malware to their users, in what Trend Micro researchers described as a “supply-chain-like attack.” The malware is under continued developm
Apple Patches Worst Zero-Day Bug In Recent Memory
May 20, 2021
There's one industry that has a particular knack for getting its hands on clever software vulnerabilities in macOS: the adware industry.
That ability has been demonstrated once again as Apple today patched a zero-day vulnerability, CVE-2021-30657, that allows an attacker to effortlessly route around three critical anti-malware defenses in macOS: Notarization, Gatekeeper and File Quarantine.
It was first discovered by Cedric Owens, a lead offensive security engineer with Twilio, who reported the bug to Apple. It has been patched in macOS 11.3, which was released on Monday.
Since January, a variant of Shlayer, the No. 1 Mac threat, has already been exploiting the vulnerability, which allows payloads to go unchecked through key OS security features.
Apple patched a zero-day vulnerability in macOS that can bypass critical anti-malware capabilities and that a variant of the notorious Mac threat Shlayer, an adware dropper, has already been exploiting for several months.
Security researcher Cedric Owens first discovered the vulnerability, tracked as CVE-2021-30657 and patched in macOS 11.3, an update dropped by Apple on Monday. The vulnerability is particularly perilous to macOS users because it allows an attacker to very easily craft a macOS payload that goes unchecked by the strict security features built into the OS specifically to keep malware out.
Why enterprises must install the latest macOS software patch
The latest version of Apple's desktop OS, macOS Big Sur 11.3, protects Macs against a serious software vulnerability that places data at risk.
Enterprises should install Apple’s latest macOS Big Sur 11.3 update to secure their Macs. I spoke with Jamf Mac security expert Jaron Bradley, who explained why.
Install macOS 11.3 immediately
Enterprise users running fleets of Macs should get their IT support teams to approve the installation of Apple’s macOS Big Sur 11.3 update as swiftly as possible; the update should protect Macs against a serious software vulnerability that places data at risk.