Microsoft Threat Intelligence uncovered a macOS vulnerability that could potentially allow an attacker to bypass the operating system’s Transparency, Consent, and Control (TCC) technology and gain unauthorized access to a user’s protected data.
The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a configuration file in the said directory to gain access to the user’s data, including browsed pages, the device’s camera, microphone, and location, without the user’s consent. Apple released a fix for this vulnerability, now identified as CVE-2024-44133, as part of security updates for macOS Sequoia, released on September 16, 2024.
Read more…
Source: Microsoft
Related:
- DarkHydrus abuses Google Drive to spread RogueRobin Trojan
January 21, 2019
The DarkHydrus advanced persistent threat (APT) group is back and this time is not only using Windows vulnerabilities to infect victims but is also abusing Google Drive as an alternative communications channel. Last week, researchers from the 360 Threat Intelligence Center (360TIC) said the hackers have a new campaign underway which is focusing on targets in the Middle ...
- WiFi firmware bug affects laptops, smartphones, routers, gaming devices
January 18, 2019
Details have been published today about a vulnerability affecting the firmware of a popular WiFi chipset deployed in a wide range of devices, such as laptops, smartphones, gaming rigs, routers, and Internet of Things (IoT) devices. Discovered by Embedi researcher Denis Selianin, the vulnerability impacts ThreadX, a real-time operating system (RTOS) that is used as firmware for ...
- New Android Malware Apps Use Motion Sensor to Evade Detection
January 18, 2019
Even after so many efforts by Google for preventing its Play Store from malware, shady apps somehow managed to fool its anti-malware protections and get into its service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware research ...
- LoJax rootkit used by Russian-linked Fancy Bear has been silently active since 2016
January 17, 2019
Researchers have discovered that LoJax, the malware that formed the foundation for devastating Fancy Bear attacks in 2018, has been silently active for years. Use of this infrastructure by the Russian-linked hacking group was exposed in September 2018, just a few months after the LoJax servers were first discovered by security researchers in May. LoJax was last ...
- NanoCore Trojan is protected in memory from being killed off
January 16, 2019
The NanoCore Remote Access Trojan (RAT) is being spread through malicious documents and uses an interesting technique to keep its process running and prevent victims from manually killing the system, researchers say. The cybersecurity team from Fortinet recently captured a sample relating to the spread of NanoCore RAT in the form of a malicious Microsoft Word document. Developed in ...
- The Rise of Physical Crime in the Cybercrime Underground
January 14, 2019
While underground forums have long been the purview of digital or internet-enabled crimes, recent developments have shown signs of increasing synergy and interaction between traditional criminals and cybercrime actors. Given the nature of the underground, it shouldn’t be a surprise that even traditional criminals communicate and even sell their wares via these underground forums. Is it ...