Mac computer | Breaking Cybersecurity News | The Hacker News

A security researcher has discovered a critical vulnerability in the latest version of Apple's OS X Yosemite  that could allow anyone to obtain unrestricted root user privileges with the help of code that fits in a tweet. The privilege-escalation vulnerability initially reported on Tuesday by German researcher Stefan Esser , could be exploited by to circumvent security protections and gain full control of Mac computers. The most worrying part is that this critical vulnerability is yet to be fixed by Apple in the latest release of its operating system. This could make it easier for hackers to surreptitiously infect Macs with rootkits and other types of persistent malware. Thanks to an environment variable DYLD_PRINT_TO_FILE Apple added to the code of OS X 10.10 Yosemite. Apple Mac OS X Vulnerability Gives Full Control of your Mac This environment variable specifies where in the file system an operating system component called the OS X dynamic linker dyld ...

A newly discovered zombie network that exclusively targets Apple computers running Mac OS X across the globe has compromised roughly 17,000 machines so far, giving hackers backdoor access to infected computers, researchers at Russian antivirus firm Dr.Web warned. According to a survey of traffic conducted in September by researchers at Dr. Web, over 17,000 Macs globally are part of the Mac.BackDoor.iWorm botnet , which creates a backdoor on machines running OS X. Researchers say almost a quarter of iWorm botnet are located in the US. The most interesting thing to notice about this botnet is that it uses a special method of spreading via a search service of Reddit posts to a Minecraft server list subreddit to collect the IP addresses for its command and control (CnC) network. The user who had posted that subreddit data has now been shut down though the malware creators are likely to form another server list. " It is worth mentioning that in order to acquire a control server add...

Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...