Apple’s Latest Update for iOS Patches Dangerous Security Holes

Apple’s latest iOS update patches dangerous security holes. The security update Apple released yesterday fixes 38 significant bugs, tracked under 43 different CVE numbers.

While the macOS Big Sur 11.4 update shares many of those bugs with iOS, it also has its own list: 58 significant bugs patched, covered by 73 different CVE numbers.

Among the patched flaws is CVE-2021-30713, a security hole that cybercriminals have been actively exploiting. Earlier last year, the exploit was reported to Apple after going unnoticed in Mac malware called XCSSET. The bug is in the system component called Transparency, Consent, and Control (TCC), the part of macOS that is supposed to ensure that apps don’t behave inappropriately.

Security researchers at Mac management software company Jamf discovered that the bug provides a sneaky way to “leech off” the permissions of an already-installed app: a simple AppleScript utility with no special permissions of its own is enough to do it.

Normally, when malware runs an AppleScript utility to record your screen, macOS pops up a security warning asking whether you want to allow it to go ahead. Only after you open the Security and Privacy page in System Preferences and manually approve the malware, by adding it to the list of apps allowed to record your screen, would the bad actors be able to proceed.

The Jamf researchers found that, by judiciously inserting the malicious screenshotting AppleScript utility into the application directory of software that already had Screen Recording permissions, “they could then launch their AppleScript under the assumed authority of the so-called ‘donor’ app and take screenshots covertly without any warnings popping up.”

The researchers used Zoom as the “donor” app in their research article but noted that the average Mac user is likely to have numerous screenshot-ready programs already installed, such as Discord, WhatsApp, Slack, WeChat, TeamViewer, and many others. This trick is not limited to Screen Recording permissions, either, so other installed apps could be “piggybacked” too. This means that an attacker could invisibly acquire unauthorized access to other permissions such as Location Services, Photos, Camera, Microphone, and files and folders that would otherwise be off-limits.
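One defensive check that follows from this, as an added example that is not code from Jamf, Apple or the article: a piggybacked applet is a file the donor app’s signature never sealed, so comparing the bundle’s contents against the SHA-256 seal in Contents/_CodeSignature/CodeResources reveals it. The check is simplified (it ignores nested code and the rules2 omit/optional flags, and exempts Info.plist and the main executable, which the CodeDirectory seals separately), and the donor bundle it audits is constructed in a temporary directory rather than read from a real app.

```python
"""Flag files in a .app bundle that its code-signature seal does not cover.
Simplified check: reads files2 in Contents/_CodeSignature/CodeResources (path -> SHA-256),
skipping nested code, rules2 omit/optional flags, Info.plist and the main executable."""
import hashlib
import plistlib
import tempfile
from pathlib import Path

def audit_bundle(app: Path) -> dict:
    """Return {'unsealed': [...], 'modified': [...]} for regular files under Contents/."""
    contents = app / "Contents"
    seal = plistlib.loads((contents / "_CodeSignature" / "CodeResources").read_bytes())
    sealed = seal.get("files2", {})
    executable = plistlib.loads((contents / "Info.plist").read_bytes())["CFBundleExecutable"]
    # Info.plist and the main executable are sealed by the CodeDirectory, not by CodeResources
    exempt = {"Info.plist", f"MacOS/{executable}"}
    findings = {"unsealed": [], "modified": []}
    for path in sorted(p for p in contents.rglob("*") if p.is_file()):
        rel = path.relative_to(contents).as_posix()
        if rel in exempt or rel.startswith("_CodeSignature/"):
            continue
        entry = sealed.get(rel)
        if entry is None:
            findings["unsealed"].append(rel)       # file added after signing: the piggyback case
        elif hashlib.sha256(path.read_bytes()).digest() != entry["hash2"]:
            findings["modified"].append(rel)       # sealed file whose contents changed
    return findings

def build_sample_bundle(root: Path, inject_applet: bool) -> Path:
    """Constructed donor-style bundle (not a real app) with a seal over its one resource."""
    contents = root / "Donor.app" / "Contents"
    for sub in ("MacOS", "Resources", "_CodeSignature"):
        (contents / sub).mkdir(parents=True)
    (contents / "Info.plist").write_bytes(plistlib.dumps({"CFBundleExecutable": "Donor"}))
    (contents / "MacOS" / "Donor").write_bytes(b"constructed main executable")
    resource = contents / "Resources" / "Assets.car"
    resource.write_bytes(b"constructed resource data")
    files2 = {"Resources/Assets.car": {"hash2": hashlib.sha256(resource.read_bytes()).digest()}}
    (contents / "_CodeSignature" / "CodeResources").write_bytes(plistlib.dumps({"files2": files2}))
    if inject_applet:  # an extra applet dropped in after signing has no seal entry
        (contents / "MacOS" / "extra_applet").write_bytes(b"#!/usr/bin/osascript\n")
    return contents.parent

def demo(inject_applet: bool) -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        return audit_bundle(build_sample_bundle(Path(tmp), inject_applet))

if __name__ == "__main__":
    print(demo(False))  # {'unsealed': [], 'modified': []}
    print(demo(True))   # {'unsealed': ['MacOS/extra_applet'], 'modified': []}
```

On a real Mac, `codesign --verify --deep --strict /path/to/App.app` performs the authoritative version of this check, and the apps worth auditing first are those already granted Screen Recording under Security and Privacy.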
