⚡ Webinar ▶ Level-Up SaaS Security: A Comprehensive Guide to ITDR and SSPM Save Your Seat
#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter

Mac | Breaking Cybersecurity News | The Hacker News

Your MacBook Camera could Spy on You without lighting up the warning light

Your MacBook Camera could Spy on You without lighting up the warning light

Dec 20, 2013
If you own Apple's MacBook, you should cover up it's webcam, because there's a possibility someone could be watching you. Like most webcams, the MacBook also has a tiny green light lets you know that the webcam is active, but it's possible for malware to disable this important privacy feature on older Mac computers ( models released before 2008 ). Matthew Brocker and Stephen Checkoway , students from Johns Hopkins University created a proof-of-concept app called " iSeeYou " that confirmed that MacBook iSight webcams can spy on their users without the warning light being activated. A young man recently pleaded guilty in court to extortion after he performed a remote hack on Miss Teen USA's webcam to secretly collect nude photos. It was revealed through court papers that the FBI has the ability to do the same thing with a variety of current laptops including Apple products. To make it possible, they created a modified version of the iSight firmware and t
Patch released for critical Adobe vulnerabilities

Patch released for critical Adobe vulnerabilities

Feb 20, 2013
Today Adobe released a patch for two critical vulnerabilities (CVE-2013-0640 and CVE-2013-0641) that are already being exploited by attackers. Adobe released version 11.0.02 of its Adobe Reader and Adobe Acrobat Pro applications.  Vulnerabilities affect Adobe Reader and Acrobat XI (11.0.01 and earlier), X (10.1.5 and earlier) and 9.5.3 and earlier for Windows and Mac OS X systems. " These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system ." security advisory  reads . Exploits were discovered by security company FireEye and researchers with antivirus provider Kaspersky Lab have confirmed the exploit can successfully escape the Adobe sandbox. Users can update the software through the built-in updater or by downloading a copy of the  Windows ,  Mac , or  Linux  installer directly from Adobe's website. 
cyber security

external linkThe Latest SaaS Security Information Resource

websiteSaaS Security on TapSaaS Security
Discover SaaS Security on Tap, a video series bringing you all the ins and outs of securing your SaaS stack. Watch now.
Chinese Government targets Uyghur group by malware attack

Chinese Government targets Uyghur group by malware attack

Feb 14, 2013
An old vulnerability in Word for OS X is being used in increasing levels of attacks,  probably government-sponsored hacking programs  against Uyghur group, including Tibetans, NGOs and human rights organizations. A number of attacks have been seen directed at the World Uyghur Congress, a Munich-based organization that promotes human rights. Potential victims are often tricked by so-called spear phishing attacks, the targets receive an e-mail with a subject relevant to their interests, and a Word document attached.  When they open the document, TinySHell exploits a vulnerability and then infects the computer. Exploit allows long-term monitoring or even control of the compromised system though a backdoor it installs. The malware is configured to connect to command and control servers that have been used for years in APT attacks. All the attacks use exploits for the CVE-2009-0563 (Microsoft Office) vulnerability and The backdoor also includes hard-coded functionality to
Cybersecurity Resources