Security

macOS has a number of built-in tools to detect Mac malware, with Background Task Manager added to the defenses last year. However, a security researcher says that this can be trivially bypassed, and that Apple failed to act on his recommendations to fix it.

Patrick Wardle presented his findings at the Defcon hacker conference, making the unusual decision to do so without advising Apple ahead of time …

Following its 2023 State of Malware report back in February, Malwarebytes is out with its yearly State of Ransomware study. As attacks continue to grow, the US saw 7 times more ransomware incidents than the second most attacked country. Here are the details of what the report found.

Cybersecurity firm Guardz has found Russian hackers offering for sale a Hidden VNC tool specifically designed to give attackers full access to Macs. It follows a similar tool for accessing Windows PCs, and is geared to stealing personal data and logins.

The HVNC (Hidden Virtual Network Computer) is being sold on the dark web, and as a sign of good faith that the tool works as claimed, the hackers have deposited $100K in an escrow account …

Coming on the heels of ShadowVault, a new infostealer malware dubbed “Realst” is being implemented into fake blockchain games by cybercriminals in a massive campaign targeting Windows and macOS users, including those on macOS 14 Sonoma.

Apple has released iOS 16.6 today for everyone and while the update doesn’t come with new user-facing features, it has over a dozen important security fixes. And notably, two of the fixes are for actively exploited flaws.

As we often report here, it’s common for tech companies to help each other improve their security systems by sharing zero-day exploits found by security researchers. Google, for example, does this a lot. But recently, an Apple employee reportedly found a zero-day exploit in Google Chrome – and that bug was never reported to Apple by that person.

The White House has announced a plan intended to improve the security of smart home tech. The government will test everything from smart speakers to Wi-Fi routers, awarding a US Cyber Trust Mark logo to products which pass the tests.

The National Institute of Standards and Technology (NIST) will set the standards to be met, and the Federal Communications Commission (FCC) will manage the program …

The Russian security service, the FSB, has extended its earlier ban on the use of iPhones. The latest ban applies to thousands more government workers, and now includes iPads and Macs.

The FSB has repeated its earlier claims that Apple has provided the NSA with a backdoor into its devices, allowing US security services to spy on Russian officials …

Apple yesterday released an iOS 16.5.1 update to fix a security vulnerability which is being actively exploited by attackers – but then withdrew it again.

The problem, it appears, is that a tiny change in Safari caused a number of websites to break …

Earlier this year, we saw a new malware designed for Macs called MacStealer that can compromise passwords, credit card numbers, crypto wallets, and more. After a second version of that popped up in April, a third advanced Mac malware called ShadowVault macOS Stealer has surfaced. Here’s what it can do and how to protect your Mac.

Back in April, Proton launched a beta for the service that’s been one of the most requested by its users. Now Proton Pass, the end-to-end encrypted password manager has officially launched for all users on desktop and iOS/Android. And there’s even a free version that includes storing unlimited credentials and notes.

Last week, Australia’s prime minister offered some security advice for iPhone users, suggesting that everyone should turn off their iPhone for five minutes every night. On the surface, this may seem like harmless advice for iPhone users, but the reality is quite a bit more nuanced.

In fact, such broad and generalized statements like this one can do a disservice to most people. Here’s why.

Australia’s prime minister has echoed the advice of cybersecurity professionals, in recommending that you turn off your iPhone for five minutes every night.

No, it’s not so you can reduce your daily Screen Time to 23 hours and 55 minutes, but to stop any spyware that may be running in the background on your device …

Coming with the release iOS 16.5.1, macOS 13.4.1, and more today, Apple has shipped two important fixes for security flaws. The updates arrive for devices on the latest public software and those on older versions of its software. Notably, Apple has heard the flaws have been actively exploited.

Earlier today, the Federal Security Service accused the NSA of hacking iPhones of citizens and foreign diplomats in Russia as part of a an espionage operation. Apple has now responded indirectly to Russia’s claim that the alleged operation included close cooperation between the company and the NSA. 9to5Mac has the statement below.