SecurityTextEdit flaw could have let hackers create malicious TXT files
A flaw in macOS TextEdit could have let attackers create malicious TXT files — files that could have led to DOS attacks, IP leaks, and more.
April 13, 2021 • 6 min readResults for
Security
SecurityFacebook data breach exposes details of 500 million users
A Facebook data breach has exposed the personal information of more than 500 million users. In this article: Details | Impact | Staying Safe
April 7, 2021 • 6 min read
SecurityChecklist 225: Raising Better Digital Citizens with Robert Speciale
Award-winning educator Robert Speciale shares strategies for communicating security and privacy concepts to today’s kids.
April 1, 2021 • 11 min read
SecuritySTIR/SHAKEN hits milestone in fight to stop caller ID spoofing
How do we stop caller ID spoofing? This article shows how spoofing works, how STIR/SHAKEN helps, and why you shouldn’t let your guard down!
March 29, 2021 • 6 min read
SecurityXcodeSpy Mac Malware Targets Developers
XcodeSpy is macOS malware that can install a persistent backdoor on a Mac. In this article, we’ll explain what it is, how it works, and how you can detect it!
March 25, 2021 • 7 min read
SecurityChecklist 224: Cloudburst Over Hobby Lobby
A closer look at the recent Hobby Lobby data breach; talking about common misconceptions about “the cloud” with a cloud security expert.
March 25, 2021 • 7 min read
SecurityIs the Clubhouse iOS app safe to use?
Is the Clubhouse iOS app safe? We’ll talk about what Clubhouse is, the app’s security and privacy issues, and how to use it more safely.
March 24, 2021 • 7 min read
SecurityChecklist 223: Visiting Clubhouse and Revisiting App Privacy Labels
If you spend any time on the socials, you’ve heard people talk about Clubhouse. It’s been around for close to a year, though it’s really taken off over the past few months. We’ll look at its safety, then look at Privacy Labels with Clubhouse as a sort of yardstick.
Trouble in the Clubhouse?
Clubhouse is a new social media platform that’s drawing all kinds of attention. At the moment, it’s still in beta testing, and is only available as an iOS app.
So what does Clubhouse do? It’s actually pretty simple. The app …
March 21, 2021 • 4 min read
SecurityWhat to do before you sell your Mac: a step-by-step guide
Planning to sell your Mac? This guide shows you how to make sure you aren’t exposing your private data to the new owner!
March 18, 2021 • 9 min read
SecuritySecurity camera hack exposes thousands of video feeds
A security camera hack has exposed thousands of video feeds. This article has background, analysis, and tips for home security camera safety.
March 15, 2021 • 4 min read
SecurityChecklist 222: Avoiding Tax Scams with Nick Leon
On this podcast, we talk about avoiding tax scams both new and old. We cover “classic” tax scams as well as 2021 tax scams.
March 11, 2021 • 8 min read
Security4 tax scams to watch out for in 2021
In 2021, U.S. taxpayers should be on the lookout for these 4 tax scams. This article explains how they work, and how to keep yourself safe!
March 6, 2021 • 4 min read
SecurityCrisis
also known as OSX/Morcut
Type:
Trojan Horse
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
Crisis is a Trojan horse that creates a backdoor on infected systems. Also known as Morcut, Crisis was first discovered in 2012, with subsequent variants appearing in the years to follow.
Crisis comes in the form of an illegitimate Adobe Flash Player installer. If installed, Crisis takes steps to achieve persistence (the ability to survive reboots), and then performs several actions, the nature of which depends on whether or not the Trojan was launched with administrative permissions. On a system which …
March 6, 2021 • 2 min read
SecurityConduit
Type:
Adware
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
Conduit is adware. Conduit was a platform that could be used to create custom toolbars — meant to be installed as browser extensions — that were ostensibly aimed helping web publishers market to their audiences more effectively. However, Conduit had a number of behaviors that are classified as malicious: It would make unauthorized changes to a user’s web browser, including changes to the home page, new tab page, and search engine.
Conduit’s illegitimate search engine, search.conduit.com, posed a clear privacy threat, since it collected highly …
March 6, 2021 • 2 min read
SecurityCoinThief
also known as OSX/StealBit
- Type:
- Trojan Horse
- Platform:
- Mac OS X
- Last updated:
- 01/18/23 6:40 pm
- Threat Level:
- High
Description
CoinThief is a trojan horse that steals Bitcoins.
CoinThief Threat Removal
MacScan can detect and remove CoinThief Trojan Horse from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 6, 2021 • 1 min read
SecurityClickAgent
also known as OSX/ClickAgent.FLA
Type:
Adware
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
ClickAgent is adware. It masquerades as a Flash Player installer and may be found on various websites, especially filesharing and adult websites.
When ClickAgent was discovered in August 2013, it had been signed with an actual Apple Developer ID. If a user installs it, it will be added as an extension to their web browser — Safari, Chrome, or Firefox — and begin injecting ads into any website that the user visits. Some of these ads may be inappropriate or pornographic in …
March 6, 2021 • 2 min read
SecurityChatZum
Type:
Adware
Platform:
Mac OS X
Last updated:
02/09/16 9:14 pm
Threat Level:
High
Description
ChatZum is adware. It most often makes its way onto a Mac during the installation of another, legitimate program such as VLC or UnRarX. Although these applications in themselves are not malicious, and are not affiliated with the malware’s authors, the installer packages that bundle them together with the ChatZum adware are. Users are given the option to opt out of installing ChatZum by the installer program; however, ChatZum components are nevertheless installed on their computers even if they opt out.
Once installed on a …
March 6, 2021 • 1 min read
SecurityCallMe
Type:
Trojan Horse
Platform:
Mac OS X
Last updated:
04/02/16 10:02 am
Threat Level:
High
Description
CallMe is a Trojan horse that targets Tibetan activist organizations. The Trojan infects its target through a malicious Microsoft Word (.doc) file, exploiting an older Word vulnerability cataloged as CVE-2009-0563.
Once active, CallMe is able to run commands on the infected system; however, it only takes a limited number of actions using these permissions. The Trojan attempts to connect to a command and control server; creates a copy of the user’s contact list for the malware authors to access remotely; and establishes a …
March 6, 2021 • 2 min read
SecurityBundlore
also known as Buca, Not-a-virus:HEUR:AdWare.OSX.Bnodlero.x
- Type:
- Adware
- Platform:
- Mac OS X
- Last updated:
- 01/17/23 11:13 pm
- Threat Level:
- High
Description
Bundlore is adware.
Bundlore Threat Removal
MacScan can detect and remove Bundlore Adware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat.
March 6, 2021 • 1 min read
SecurityBlackHoleRAT
Type:
Trojan Horse
Platform:
Mac OS X
Last updated:
04/02/16 7:14 am
Threat Level:
High
Description
BlackHoleRAT is a Trojan horse that allows remote access by malicious third parties to an infected computer. Early versions of the Trojan were relatively unsophisticated and seemed to be intended as proof of concept, but subsequent, better-developed variants were soon discovered — and these were being offered for distribution.
BlackHoleRat is able to carry out a range of malicious actions on an infected machine, including the following: It can request an administrator password and store it to a file, execute shell scripts, turn the …
March 6, 2021 • 1 min read