Thunderstrike 2 worm can infect your Mac without detection

By

Researchers have created the first undetectable firmware worm for Mac.
Researchers have created the first undetectable firmware worm for Mac.
Photo: Jim Merithew/Cult of Mac

Apple has touted the Mac’s resistance to viruses for decades as a selling point over Windows PCs, but a team of researchers have created a new firmware worm for Mac that might just make you want to go back to doing work on good old pencil and paper.

Two white-hat hackers discovered that several vulnerabilities affecting PC makers can also bypass Apple’s renowned security to wreak havoc on Mac firmware. The two created a proof-of-concept of the worm called Thunderstrike 2 that allows firmware attacks to be spread automatically from Mac to Mac. Devices don’t even need to be networked for the worm to spread, and once it’s infected your machine the only way to remove it is to open up your Mac and manually reflash the chip.

Here’s a preview of Thunderstrike 2 in action:

How Apple treats Mac App Store developers like second-class citizens

By

A new day, a new OS X exploit.
The world wide web would like you to pay attention.
Photo: Apple

When it comes to the App Store and the Mac App Store, the two software dispensing platforms are not treated equally.

Not only do top 10 Mac App Store apps make a whole lot less than the chart toppers on iOS, but developers are noticing that Apple’s not even giving Mac app developers some of the same critical tools their counterparts enjoy on the App Store.

How iCloud could save your Mac from El Capitan’s destruction

The cloud service that often lets people down saved me from catastrophe.
Apple's often unreliable cloud service sure saved me from a potential catastrophe.
Photo: Apple

As you may have heard, Apple released the public beta for OS X El Capitan yesterday. Since I tend to ignore the risks of beta software in favor of all the new features, I downloaded it on my mid-2011 MacBook Air. Do yourself a favor: don’t be like me. Understand and acknowledge the risks of beta software. It’ll save you time and data.

Apple’s OS X naming strategy turned around business for Yosemite National Park

Apple's so powerful it can even affect tourism.
Apple's so powerful it can even affect tourism.
Photo: Apple

If you ever want to find some evidence of just how significant Apple is these days, take a look at how it can impact upon seemingly unrelated areas — like, say, tourism.

According to a new report, following Apple’s decision to name last year’s OS X version after Yosemite national park, interest in the beloved American landmark skyrocketed.

iOS and OS X bug lets attackers steal passwords from iCloud Keychain

By

apple-iphone-cracked-security-mac-ios-malware-flaw
Researchers cracked iCloud Keychain and bypassed App Store approval processes.
Photo: Faris Algosaibi/Flickr CC

A group of six university researchers claim to have successfully bypassed Apple’s tight App Store approval processes to publish Mac and iOS malware apps. According to the report, the team presented the zero-day vulnerability to Apple back in October 2014 and were told to keep quiet about it for at least six months.

Luyi Xing, a security researcher who helped expose the zero day vulnerability, still has yet to hear back from Apple on a possible fix.