Mac malware intercepts encrypted web traffic for ad injection

New Mac malware has been found that intercepts encrypted traffic for the purpose of injecting ads into web pages. But could this adware be used for more devious purposes in the future?

Read more

Holes found in Mojave’s privacy protection

Issues with the privacy protection features of macOS Mojave have already begun to appear, and may cause more problems than they solve.

Read more

Safari users: Where did your extensions go?

Safari has begun blocking legacy extensions installed from outside the Extensions Gallery. Unfortunately, implementation of this policy has been abrupt, with little explanation for users on why their extensions are being yanked. Let’s look at how Apple’s new policy and how its application impacts security.

Read more

Mac App Store apps are stealing user data

There are several apps in the Mac App Store that are collecting data about users that they should not be collecting. Here’s what you need to know.

Read more

The state of Mac malware

Mac users are often told that there are no Mac viruses. In reality, Mac malware does exist, as we’ll see in this summary of 2018 Mac threats, our State of Mac Malware report.

Read more

New Mac cryptominer has 23 older variants

The new Mac cryptominer, OSX.CreativeUpdate, turns out to be older than we thought, with 23 variants found dating back to October 2017.

Read more

Interesting disguise employed by new Mac malware HiddenLotus

A new piece of Mac malware called HiddenLotus is using a clever new trick to fool users into opening it.

Read more

Yet another flaw in Apple’s “iamroot” bug fix

Flaws in Apple’s response to the “iamroot” vulnerability show that some systems can remain vulnerable even after applying the patch.

Read more

Keychain vulnerability in macOS

On Monday, Patrick Wardle, a respected security researcher at Synack and owner of Objective-See, sent a tweet about a keychain vulnerability he had found in macOS High Sierra. As his tweet showed, it is possible for a malicious app to extract, and then exfiltrate, keychain data from High Sierra, with passwords clearly exposed in plain text.

Read more

A week in security (May 01 – May 07)

A compilation of notable security news and blog posts from the 1st of May to the 7th. We touched on topics like Mac malware, OWASP, and password management.

Read more

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language