[ThreatPost] Apple macOS Flaw Allows Kernel-Level Compromise

‘Shrootless’ allows bypass of System Integrity Protection IT security measures to install a malicious rootkit that goes undetected and performs arbitrary device operations.

Source: Read More (Threatpost)

You might be interested in …

[SANS ISC] Obfuscated Maldoc: Reversed BASE64, (Sat, Nov 13th)

All posts, Sans-ISC

Reader Colin submitted a malicious document. It’s a Word document with VBA code, as we can see in oledump‘s report: As streams A3 and A10 with VBA code don’t look that large, I use options -s a -v to extract all VBA code with one command: The VBA code is accessing keywords and the content […]

Read More

[SecurityWeek] Critical Flaw in WordPress Plugin Leads to Database Wipe

All posts, Security Week

A major security vulnerability in the WP Reset PRO WordPress plugin could be exploited by an authenticated user to wipe the entire database of a website, according to a warning from researchers at Packstack (formerly WebARX). read more Source: Read More (SecurityWeek RSS Feed)

Read More

[BleepingComputer] Interpol shuts down thousands of fake online pharmacies

The Interpol (International Criminal Police Organisation) has taken down thousands of online marketplaces that posed as pharmacies and pushed dangerous fake and illicit drugs and medicine. […] Source: Read More (BleepingComputer)

Read More