Cult of Mac

New Mac malware targets Microsoft Word users

Beware bogus Word macros.
Screenshot: Patrick Wardle.

After spreading viruses among Windows PCs for years, malicious Microsoft Word documents are now infecting Macs.

The files contain a macro that silently executes in the background and downloads an application that can monitor webcams, steal passwords, read browser history and more.

Ex-NSA staffer reveals way to hack Mac’s camera and mic

You might want to put tape over your webcam.
Photo: Ste Smith/Cult of Mac

Security researchers discovered a new way to hack the Mac’s built-in webcam this week, and the method is undetectable by users.

Apple built a green LED light into every Mac with firmware-level protection that turns on anytime the sensor is tripped by unauthorized access. The security feature has become increasingly difficult for hackers to beat, but former NSA staffer Patrick Wardle found a way to piggyback on outgoing feeds and record them.

Find out if you’ve been infected by sneaky new Mac malware

Have you been infected?
Photo: Marcin Nowak/Unsplash

Is your Mac infected by newly discovered malware that was ostensibly created by Milan-based HackingTeam in order to gain remote access to your machine?

The new virus uses some old HackingTeam code and some new tricks to hide its tracks, but it’s mostly harmless, according to researchers.

That doesn’t mean it’s not a good idea to get it off your system. Here’s how.

Super-simple exploit lets malware creep onto your Mac

It's really easy to bypass Mac's Gatekeeper.
Photo: Apple

Apple’s Gatekeeper feature was designed to keep even the most advanced users from accidentally installing malicious software on their computers, but a super-simple exploit lets hackers sneak malware onto your Mac.

The exploit was discovered by Patrick Wardle, director of research at security firm Synack. Wardle found that the exploit is made possible thanks to a key design shortcoming in Gatekeeper that lets an attacker use a binary file already trusted by Apple to execute malicious files.

Here’s how it works: