[HackerNews] New ‘Shrootless’ Bug Could Let Attackers Install Rootkit on macOS Systems

Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions.
Dubbed “Shrootless” and tracked as CVE-2021-30892, the “vulnerability lies in how Apple-signed packages with

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Google Patches Several Chrome Flaws That Can Be Exploited via Malicious Extensions

All posts, Security Week

A Chrome 92 update released this week by Google patches 10 vulnerabilities, including several high-severity flaws that earned researchers tens of thousands of dollars in bug bounties. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[ThreatPost] Black Hat: Let’s All Help Cyber-Immunize Each Other

All posts, ThreatPost

We’re selfish if we’re only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let’s be like doctors battling COVID and work for herd immunity. Source: Read More (Threatpost)

Read More

[SecurityWeek] Expired Let’s Encrypt Root Certificate Causes Problems for Many Companies

All posts, Security Week

A root certificate used by Let’s Encrypt expired on September 30 and, despite being notified a long time in advance, many companies experienced problems. read more Source: Read More (SecurityWeek RSS Feed)

Read More