#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

gatekeeper mac | Breaking Cybersecurity News | The Hacker News

New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched

New Mac Malware Exploits GateKeeper Bypass Bug that Apple Left Unpatched

Jun 25, 2019
Cybersecurity researchers from Intego are warning about possible active exploitation of an unpatched security vulnerability in Apple's macOS Gatekeeper security feature details and PoC for which were publicly disclosed late last month. Intego team last week discovered four samples of new macOS malware on VirusTotal that leverage the GateKeeper bypass vulnerability to execute untrusted code on macOS without displaying users any warning or asking for their explicit permission. However, the newly discovered malware, dubbed OSX/Linker , has not been seen in the wild as of now and appears to be under development. Though the samples leverage unpatched Gatekeeper bypass flaw, it does not download any malicious app from the attacker's server. According to Joshua Long from Intego, until last week, the "malware maker was merely conducting some detection testing reconnaissance." "One of the files was signed with an Apple Developer ID (as explained below), it is
Apple's Mac OS X Still Open to Malware, Thanks Gatekeeper

Apple's Mac OS X Still Open to Malware, Thanks Gatekeeper

Jan 16, 2016
Apple Mac Computers are considered to be much safer than Windows computers at keeping out the viruses and malware, but the new Exploit discovered by researchers again proves it indeed quite false. Last year, The Hacker News reported a deadly simple exploit that completely bypassed one of the core security features in Mac OS X known as Gatekeeper . Apple released a patch in November, but now the same security researcher who discovered the original Gatekeeper bypass vulnerability said he found an equally obvious workaround. Patrick Wardle, ex-NSA staffer and head of research at security intelligence firm Synack, said the security patch released by Apple was " incredibly weak " and that the update was " easy to bypass " in minutes. Gatekeeper's Failure Once Again Introduced in July of 2012, Gatekeeper is Apple's anti-malware feature designed to block untrusted, dodgy apps from running, keeping Mac OS X systems safe from malware. Ho
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Deadly Simple Exploit Bypasses Apple Gatekeeper Security to Install Malicious Apps

Deadly Simple Exploit Bypasses Apple Gatekeeper Security to Install Malicious Apps

Oct 01, 2015
Apple Mac Computers are considered to be invulnerable to malware, but the new Exploit discovered by security researchers proves it indeed quite false. Patrick Wardle , director of research at security firm Synack , has found a deadly simple way that completely bypass one of the core security features in Mac OS X i.e.  Gatekeeper . Introduced in July of 2012, Gatekeeper is Apple's anti-malware feature designed to keep untrusted and malicious applications from wreaking havoc on Macs. However, Wardle has found a quick and simple way to trick Gatekeeper into letting malicious apps through on Mac OS X machines, even if the protection is set to open apps downloaded only from the Mac App Store. According to the researcher, before allowing any apps to execute on an OS X machine, Gatekeeper performs a number of checks, such as: Checking the initial digital certificate of a downloaded app Ensuring the app has been signed with an Apple-recognized developer certificat
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources