![]() Apple stated that “This update has no published CVE entries” for both updates, which is the first time we have ever seen this for a security update. But strangely, Apple did not provide a single detail about which security issues were addressed in the updates. On February 14, Apple released security updates for macOS Big Sur and macOS Catalina. See Apple fixes active zero-day vuln with macOS 12.2.1, iOS 15.3.1, Safari 15.3 for more. Apple published little information about this vulnerability, and updates to all of the company’s operating systems were issued. Cybersecurity and Infrastructure Security Agency (CISA) to order federal agencies to patch their affected systems no later than February 25. In February, a zero-day vulnerability, that was being actively exploited, led to an uncommon warning from the U.S. ![]() Google believed “this threat actor to be a well-resourced group, likely state backed, with access to their own software engineering team based on the quality of the payload code.” Read more about DazzleSpy, with a lot of technical detail, in DazzleSpy Mac Malware Used in Targeted Attacks.ĭazzleSpy Mac Malware Used in Targeted Attacks First discovered and analyzed by multiple malware research teams in November 2021, the malware leveraged a vulnerability that did not affect the then-current version of macOS Big Sur, but was exploitable on macOS Catalina. New details came to light in January about DazzleSpy malware (variants of which had been called MACMA and CDDS in November 2021), which has the hallmarks of a state-sponsored, cyber-espionage campaign. SysJoker: Cross-Platform Backdoor Malware for Mac, Windows, and Linux Read SysJoker: Cross-Platform Backdoor Malware for Mac, Windows, and Linux for more technical information about SysJoker, and listen to episode 222 of the Intego Mac Podcast, SysJoker Malware and Scams in the App Store to learn more about this malware. Its primary goal appears to be espionage. It has been observed collecting specific information about the infected computer, such as the MAC address, user name, and IP address. In addition to being able to infect Macs, it can also infect PCs running Windows or Linux. SysJoker is cross-platform malware that pretends to be an operating system update mechanism. In January, new malware called SysJoker was discovered. But be sure to see our separate feature specifically about all the Mac malware of 2020. The biggest stories in January were about Mac malware, so we’ll focus on those in this overview. ![]() In a separate article, we dive deeper into 2022’s top 20 Mac malware threats. This article will feature an overall look at Apple security and privacy from the year 2022, including our coverage on The Mac Security Blog and the Intego Mac Podcast. Let’s take a trip down memory lane and rediscover some pivotal moments in the privacy and security of the Mac and other products in the Apple ecosystem. In 2022, a number of zero-day vulnerabilities led Apple to issue emergency security updates, while new features were introduced to help ensure privacy and security in macOS, iOS, and iPadOS. This cycle of new threats and new fixes repeats itself every year. At the same time, malware evolves, new cybersecurity threats come to light, and new vulnerabilities are discovered in operating systems and apps. Every year, Apple touts new privacy and security features in its operating systems, and develops some of the most modern features to keep you safe. There was no shortage of Apple security and privacy news in 2022. Security & Privacy Apple Security and Privacy in 2022: The Year in Review
0 Comments
Leave a Reply. |