Checkm8 vulnerability used to jailbreak iPhones hits Macs as well.
The Checkm8 vulnerability that exposed years of iPhones to jailbreaking has finally been exploited in Macs as well.
New-fangled malware protection gives users a false sense of security, critics say.
Apple says the malware has now been blocked
Apple‘s track record is rather clean when it comes to maintaining security for its Macs. However, a newly found goof-up might screw up its impressive scorecard. The company accidentally approved an Adobe Flash-based malware to run on Macs without any warning. Security researchers Patrick Wardle and Peter Dantini found this bug in a Flash-powered installer hosted on a copycat site of Homebrew, a package management system for Linux. To ensure that apps running on macOS are secure, Apple asks developers for what’s called a Notarization process. If the company’s automated service finds that the app doesn’t have any malware, it issues a… This story continues at The Next WebOr just read more coverage about: Apple
Once the darling of the Internet, Adobe, formerly Macromedia, Flash has long fallen from grace and even banned in many corners of the Web for its security vulnerabilities. That, however, hasn’t really stopped some users from trying to install it, for one reason or another, nor does it stop malware writers from taking advantage of that. Unfortunately for Apple, the … Continue reading
Illustration by Alex Castro / The Verge Apple accidentally approved common malware disguised as an update for Adobe Flash Player to run on macOS, according to a new report. According to security researcher Patrick Wardle, Apple approved an app that contained code used by a well-known malware called Shlayer. Shlayer is a trojan downloader that spreads through fake applications, bombarding users with an influx of adware. Shlayer is the “most common threat” to Macs, cybersecurity and anti-virus firm Kaspersky said in 2019. Apple announced the macOS notarizing process in 2019 Wardle says this is the first time he knows of that Apple mistakenly notarized malware following the debut of its new notarization process. Apple announced the macOS notarizing process in 2019, requiring... Continue reading…
The ubiquitous Shlayer adware has picked up a new trick, slipping past Cupertino's “notarization” defenses for the first time.
Plus: Sec wizard shows another way to pwn Mac users In brief  A city in Colorado, USA, has swallowed its pride and paid off a malware gang after deciding the cost of a network nuke-and-pave was too high.…
Plus: A Canon ransomware hack, a nasty Twitter bug, and more of the week's top security news.
Series of bugs could allow hackers to take control of Apple Mac devices using infected Office documents.
The now-patched vulnerability would have let hackers target Microsoft Office using Symbolic Link—a file type that hasn't been in common use in over 30 years.
And don't forget to limit ad tracking. Advisory contains a host of recommendations.
Last year, Apple announced a special device just for hackers. The phone—for approved researchers only—will soon go into circulation.