• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   OS X

CVE-2019-8635: Double Free Vulnerability in Apple macOS Lets Attackers Escalate System Privileges and Execute Arbitrary Code

  • Posted on:June 21, 2019 at 5:00 am
  • Posted in:Mac, Vulnerabilities
  • Author:
    Trend Micro
0

We discovered a double free vulnerability (assigned as CVE-2019-8635) in macOS. The vulnerability is caused by a memory corruption flaw in the AMD component. If successfully exploited, an attacker can implement privilege escalation and execute malicious code on the system with root privileges.

Read More
Tags: AMDCVE-2019-8635double free vulnerabilityOS X

POC Shows Mac OS X UEFI Attacks Are Possible; What Does This Mean for Mac Users?

  • Posted on:June 8, 2015 at 9:06 pm
  • Posted in:Mac, Malware
  • Author:
    Moony Li (Threat Analyst)
0

A critical Mac vulnerability was discovered by OS X security researcher Pedro Vilaca last week. According to his research, any attacker can disable the BIOS lock just by taking advantage of a flaw in Apple’s S3 sleep state (more known as ‘standby mode’) suspend-resume implementation. Once an attacker does this, he can install bootkit malware onto a Mac BIOS without…

Read More
Tags: AppleBIOSbootkitMacOS XUEFI

Staying Safe from Wirelurker: the Combined Mac/iOS Threat

  • Posted on:November 7, 2014 at 8:11 am
  • Posted in:Malware, Mobile
  • Author:
    Spencer Hsieh (Threat Researcher)
0

The newly discovered Wirelurker malware affecting both OS X and iOS devices has been covered extensively in the media. While this is a significant incident, some of the coverage appears to have been exaggerated, and might lead users to unnecessary panic. Several points would be useful in helping calm down the worst fears of users and distilling…

Read More
Tags: AppleiOSMacOS XWirelurker

Gatekeeper on Mac OS X 10.9 Mavericks

  • Posted on:October 23, 2013 at 1:09 am
  • Posted in:Vulnerabilities
  • Author:
    Lawrence Lin (Targeted Attacks Analyst)
0

One of the Mac OS X platform’s security features is Gatekeeper, which was first introduced in 2012 and works with Lion,  Mountain Lion, and Mavericks. If a program is downloaded from the Internet and launched, Gatekeeper will first validate its digital signature and choose whether to let it run based on the user’s settings. How…

Read More
Tags: AppleGatekeeperMacMavericksOS reviewOS Xsecurity

Backdoor Busts the Mac Myth

  • Posted on:June 25, 2008 at 11:06 pm
  • Posted in:Exploits, Malware
  • Author:
    Jake Soriano (Technical Communications)
0

This new backdoor reminds everyone that, indeed, the myth that Mac is safe is, well, a myth. Exploiting a vulnerability in a component of Apple Remote Desktop, this malware detected by Trend Micro as BKDR_HOVDY.A, runs hidden on an affected operating system and allows a remote malicious user to escalate privileges to root. Also this…

Read More
Tags: AppleMacOS X
Page 1 of 212

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.