Adware installer gives itself permission to access Mac users’ keychain
“Malwarebytes researcher Adam Thomas has made an interesting discovery: an adware installer created by Genieo, a well-known distributor of unwanted software, is taking …
Researcher releases exploit for OS X 0-day that gives root access
Italian security researcher Luca Todesco has published PoC exploit code for a newly discovered zero-day privilege escalation flaw affecting OS X Yosemite (v10.10) and …
Apple fixes a bucketload of vulnerabilities in everything
Apple has pushed out updates for OS X Yosemite, OS X Server, iOS and Safari, fixing a bucketload of critical and less critical vulnerabilities.While the OS X Server update …
Open source tool for deploying SSL public key pinning in iOS, OS X apps
At Black Hat USA 2015, Data Theorem and Yahoo! will be unveiling TrustKit, a new, open source security toolkit that helps developers easily include complex mobile security …
Hackers actively exploiting OS X zero-day to root machines, deliver adware
“Attackers are actively exploiting a zero-day privilege escalation vulnerability affecting the latest version of Apple’s OS. The bug’s existence has been …
Macs can be permanently compromised via firmware worm
“Security researchers Xeno Kovah and Trammell Hudson have discovered several flaws in the firmware installed on Apple computers, and have created a worm that can …
Bug in OS X Yosemite allows attackers to gain root access
Security researcher Stefan Esser has revealed the existence of a privilege escalation vulnerability affecting OS X 10.10 (Yosemite), and has provided a working proof of …
Apple to introduce two-factor authentication option in iOS 9 and OS X El Capitan
Starting with OS X 10.11 (“El Capitan”) and iOS 9, Apple will introduce a two-factor authentication option that will replace the current two-step verification …
Security updates for OS X, iOS fix bucketload of serious bugs
Apple has released security updates for Safari, OS X Yosemite (and previous OS X versions), and iOS.The OS X update contains fixes for 77 vulnerabilities, many of which can be …
Unpatched OS X, iOS flaws allow password, token theft from keychain, apps
Six researchers from Indiana University Bloomington, Peking University and Georgia Tech have recently published a paper in which they detail the existence of critical security …
The importance of data loss prevention for OS X
Apple products have increasingly gained popularity in enterprise environments due to perception that they are so secure they will never get attacked and no data will be …
Apple’s fix didn’t close Rootpipe backdoor
When TrueSec researcher Emil Kvarnhammar discovered a privilege escalation bug affecting OS X that could allow attackers to gain complete control of the target’s Mac …