Skip to main content
Major Thunderbolt security loopholes fuel data theft, Macs partially affected

Major Thunderbolt security loopholes fuel data theft, Macs partially affected

A Dutch researcher has unearthed critical flaws in Intel’s Thunderbolt interface that allow an attacker to hack a vulnerable system in minutes. If your computer is equipped with a Thunderbolt port and was manufactured before 2019, then it’s most likely susceptible to a stealth compromise codenamed Thunderspy. It allows an attacker to exploit the interface for bypassing the regular authentication and gaining a foothold in the machine even if it is locked and its hard drive is encrypted.

David Balaban
David Balaban
19
Apple is the most mimicked brand in phishing scams

Apple is the most mimicked brand in phishing scams

According to recent findings of security analysts, Apple customers are in the epicenter of brand-based phishing attacks in Q1 2020. If you own a Mac computer or an iOS device, numerous perks are at your fingertips. The only major caveat is that you are more likely to encounter brand-related phishing hoaxes compared to customers of any other popular technology company. In case you find this statement far-fetched, the Q1 2020 Brand Phishing Report by Check Point cybersecurity firm will prove you wrong.

David Balaban
David Balaban
27
macOS Catalina 10.15.4 gets bug fixes in a supplemental update

macOS Catalina 10.15.4 gets bug fixes in a supplemental update

On April 8, Apple rolled out a supplemental update to the latest macOS Catalina 10.15.4 to address recent bugs and improve the system’s overall stability. This release came in quick succession after macOS version 10.15.4 which went live on March 24, 2020. The original update introduced a number of notable features and tweaks – here’s a brief roundup of what’s under the hood. One of them is iCloud Drive folder sharing through Finder. Another enhancement made it easier for parents to keep tabs on their kids’ online activities by enabling flexible communication limits in Screen Time.

David Balaban
David Balaban
312
Apple paid white hat hacker $75,000 for unearthing zero-days

Apple paid white hat hacker $75,000 for unearthing zero-days

A bug bounty program is an amazingly effective way for software makers and device manufacturers to explore weaknesses in what they create. Apple joined the club in December 2019 by encouraging everyone, not only invited researchers, to put their products to the test. The first results of this move have been quick to arrive as a security analyst found a way to exploit Safari vulnerabilities and access the camera on iOS and macOS devices.

David Balaban
David Balaban
25
State-sponsored Mac malware going beyond the intended area

State-sponsored Mac malware going beyond the intended area

There’s no denying that nation-states are big players in the cyber domain and this activity isn’t restricted to safeguarding the critical infrastructure and governmental information assets against different types of breaches. A particularly controversial vector involves espionage and sabotage through digital means. White hats have recently shown how state-sponsored Mac malware can be weaponized by their financially motivated black hat counterparts to steal users’ data and wreak other forms of havoc.

David Balaban
David Balaban
29
Zoom could install malware: How to completely remove Zoom from Mac

Zoom could install malware: How to completely remove Zoom from Mac

In light of the COVID-19 emergency, a plethora of businesses around the world have been forced to switch to a remote workplace approach. The new reality is pretty much a no-go without video conferencing services like Zoom. However, it turned out that the above-mentioned app has gaping security loopholes some of which affect Mac users. Find out what these bugs are and what kind of consequences they may entail for one’s privacy and security.

David Balaban
David Balaban
1.0K