Apple’s Gatekeeper is a background technology in OS X that helps thwart malware. It does so by assessing three levels of identification for an app (Unsigned, Signed, and Signed with App Store distribution), and then imposing options to block execution of apps that are either unsigned, or not distributed through the App Store. However, a simple workaround exists that can allow malware to overcome Gatekeeper’s blocks and run.
In order to distribute apps in Apple’s App Store, developers need to keep up to date with the latest versions of Xcode; however, Apple has historically released new versions of Xcode to US customers before those in other countries. This has spurred developers in China, including reputable ones, to obtain the latest versions of Xcode from secondary sources. Unfortunately, these developers were recently duped into using malware-laden versions of Xcode that injected malware into their apps upon submission to the App Store.
PCWorld is reporting that a new zero-day vulnerability has been found in OS X, which affects versions of OS X from 10.9.5 through to the recently-released 10.10.5. The problem comes from how NULL pointers in programs are handled, where malicious programs may use a special condition to bypass the default location to which NULL code is directed, and allow the program to bypass OS X’s security.
A vulnerability exists in OS X where an attacker can take advantage of a routine that is generally intended for logging, and overwrite system files. In doing so, the attacker can modify the system to allow bypassing of OS X’s security measures and give full “root” access to malware installers. As a result, further modification to an affected Mac can be performed without any indication or authentication requirement.
Researchers at the Georgia Institute of Technology have revealed findings that show Apple’s Keychain password service is vulnerable to malware that can steal passwords from other apps on the system and gain access to services and devices that you use with your Mac.
The Keychain stores passwords in an encrypted format, so while direct access to them is exceptionally difficult, OS X supports services that allow apps to authenticate and then have access to the passwords.
If you are using your Mac and are suddenly inundated with popups, unwanted Web pages opening, and other ads, then you are likely either using or getting too close to illegitimate resources. Generally this happens when you stumble across a nefarious Web site, but at other times it can be from adware and other malware you have installed on your system. One such instance of this is if you find persistent popups showing up on your Mac that reference “FlashMall,” which result from having installed the CrossRider trojan.