Mac users are being targeted by scareware peddlers, warns SANS ISC CTO Johannes Ullrich.
If you use Apple's OS X El Capitan, iOS and QuickTime on any of your computers and devices, you might want to implement the latest updates pushed out on Tuesday.
Do you remember when, last October, Synack director of research Patrick Wardle found a simple way to evade OS X's Gatekeeper defense mechanism by bundling up a legitimate Apple-signed app with a malicious, unsigned one placed in the same directory, and wrapping it all up in an Apple disk image file? Until they come up with a permanent fix, which will require a redesign of OS X, Apple has temporarily blocked this attack avenue by creating a (short) blacklist of files that Wardle reported could be repackaged to trip up the Gatekeeper and introduce malware on Macs.
European law enforcement agencies recently targeted users of the DroidJack mobile phone RAT, and likely made other would-be users refrain from buying and using that particular piece of malware.
Apple has released security updates to fix critical vulnerabilities in the following Apple products: OS X El Capitan, Mavericks and Yosemite, OS X Server, Safari, watchOS, iOS, iTunes, Xcode, and Mac EFI.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.