Xcode projects weaponized to distribute Mac malware
A sneaky strain of malware dubbed XCSSET is doing the rounds via poisoned Xcode projects, mostly affecting Safari and other browsers running on a victim’s Mac. The unorthodox infection chain was recently discovered by a team of researchers at Trend Micro. According to their findings, malicious actors are exploiting Xcode projects to host and spread harmful payloads. For the uninitiated, Xcode is an integrated development environment (IDE) for macOS.
Macros vs macOS: advanced exploit chain targeting Macs
A well-known researcher has unveiled a powerful new exploit that allows malicious Office macros to be executed on a Mac computer with zero user interaction. Macros in Office documents are intended to facilitate the execution of repetitive tasks. They are shortcuts for performing routine actions and are therefore, ideally, both helpful and benign. However, in pursuit of workarounds to plague systems with malicious code, cybercriminals have been abusing macros for years.
Apple is stepping up app verification through new App Attest API
The DeviceCheck feature will get an overhaul in iOS 14, with the all-new App Attest API being added for more effective defenses against security threats. Apple has issued an advisory to iOS app developers, recommending that they make the most of the brand-new application programming interface (API), which will complement their app integrity protection with an extra layer. The functionality is part of the existing DeviceCheck service aimed at minimizing the abuse of code tailored for the iOS platform.
Apple’s Secure Enclave is exposed to a new unpatchable exploit
Hackers claim to have discovered a flaw in several generations of the Secure Enclave chip that cannot be fixed because it’s exploitable at the hardware level. Secure Enclave, the proprietary technology used by Apple to step up the security of users’ data, is front-page news once again – this time, in a negative context.
Apple’s Face ID will likely get a boost
iPhone and iPad users have been familiar with the Face ID technology since 2017 when it made its debut with the release of the iPhone X. It’s generally thought of as a handy and highly secure way to unlock devices and even make purchases without having to enter passwords. The facial recognition routine is not perfectly accurate in every situation, though. The so-called “evil twin” attack demonstrates how a potential adversary can be erroneously identified as the legitimate device owner based on similar face patterns.
Researcher unveils a new macOS security flaw
A developer has found a vulnerability that allows an attacker to bypass privacy protections in macOS Mojave and later versions of the operating system. The exploit was discovered by a macOS developer named Jeff Johnson in September 2019 but hadn’t been disclosed to the public until late June 2020. The reason for this gap is that the enthusiast reported his findings to the Apple Security Bounty Program the day it was launched in an attempt to get a reward.