mac app store | Breaking Cybersecurity News | The Hacker News

A highly popular top-tier app in Apple's Mac App Store that's designed to protect its users from adware and malware threats has been, ironically, found surreptitiously stealing their browsing history without their consent, and sending it to a server in China. What's more concerning? Even after Apple was warned a month ago, the company did not take any action against the app. The app in question is "Adware Doctor," the Mac App Store No. 1 paid utility and also ranked as the fourth most popular paid app on the store, which sells for $4.99 and markets itself to be the "best app" to prevent "malware and malicious files from infecting your Mac." However, a security researcher with the @privacyis1st Twitter handle detected Adware Doctor's suspicious spyware-like behavior almost a month ago and also uploaded a proof-of-concept video demonstration of how the user's browser history is exfiltrated. The researcher informed Apple about

Nothing comes for free, especially online. Would you be okay with allowing a few paid services to mine cryptocurrencies using your system instead of paying the subscription fee? Most free websites and services often rely on advertising revenue to survive, but now there is a new way to make money—using customers' computer to generate virtual currencies. It was found that a scheduling app, dubbed Calendar 2, was embracing cryptocurrency mining in exchange for free access to its app premium features, but the developer has to take it down from the Apple App Store following reports that it's not working as intended. Cryptocurrency mining is not a new concept, but the technology has recently exploded after hackers found it a great way to make millions of dollars by hijacking computers to secretly perform cryptocurrency mining in the background without users' knowledge or consent. Due to this cryptocurrency mining has emerged as one of the biggest threats in recent mon

To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to  privileged identity management  aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users with continuous high-level privileges. By adopting this strategy, organizations can enhance security, minimize the window of opportunity for potential attackers and ensure that users access privileged resources only when necessary.  What is JIT and why is it important?   JIT privileged access provisioning  involves granting privileged access to users on a temporary basis, aligning with the concept of least privilege. This principle provides users with only the minimum level of access required to perform their tasks, and only for the amount of time required to do so. One of the key advantages of JIT provisioning