Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Warning over Apple 'code-signing' security bug affecting all MacOS users

Macosunlock-370x229

Security firm Okta claims to have uncovered a major security vulnerability in Apple's ‘code-signing' which, according to the firm, has the potential to affect all MacOS users.

Found by a researcher on the Okta Research and Exploitation (REX) team, Josh Pitts, the Apple "code-signing" vulnerability is said to allow anyone - including a malicious actor - to impersonate Apple.

More specifically, by exploiting this vulnerability, a threat actor could trick third-party security tools into believing their code is Apple-approved, letting malicious code live on a MacOS machine until it's patched.

What this does, is break the chain of trust in code signed by Apple and in MacOS security that people often take for granted

"Through this method, a sophisticated threat actor could get access to personal data, financial details, or sensitive insider information," the company said in a statement.

"And, by exploiting this vulnerability, threat actors can bypass a core security function -...(continued)

View All Trending Stories