Manage Pressing Risks with EPL-Risk.com

A one-stop hub for practical, timely and actionable insights, tools and training that may save thousands of dollars by minimizing potential loss exposures, human resources expenses, training costs, and attorney fees.

Stay on top of current workplace issues, legislation, and employment trends with:
  • Articles, News Briefs, and Checklists
  • Interactive Training Modules
  • Model Handbook with 100+ Template HR Policies, Procedures, and forms

Today's Workplace

Employee Training Continues To Be The Best Medicine For Ransomware Exposure Prevention

A recent cybersecurity report shows how ransomware has become the most significant malware threat. Read how employee training is your best prevention tool.

Continue Reading

The Right And Wrong Way To Monitor Employee Internet Use

A recent announcement creates controversy over privacy rights. Employers often use technology to monitor employees. However, they must do so wisely. Read more.

Continue Reading

Why Implementing "Zero-Trust Principles" Can Help Prevent Credential Hijacking

With cybercriminals relying less on malware, organizations must protect their networks, devices, and data with zero-trust security. Learn more.

Continue Reading

Mac Malware Is On The Rise: Why You Can't Wait To Update

In April, researchers announced that malware was exploiting a previously unknown vulnerability that allowed it to "bypass macOS security defenses and run unimpeded."

More recently, the same researchers found evidence that the XCSSET malware was exploiting another vulnerability to access parts of macOS that normally require permission. Hackers can access the microphone and the webcam and record the screen without authorization.

Trend Micro discovered XCSSET malware in 2020 when it was used to target Apple developers, particularly their Xcode projects coding and building apps. After hackers infected the app development projects, developers unknowingly distributed the malware to users.

XCSSET malware is continually being developed and recent variants target Macs running the newer M1 chip.

Once it has infected a computer, the malware uses one zero-day to steal cookies from the Safari browser to access the victim's online accounts. It uses another zero-day to covertly install a development version of Safari so that the hackers can modify and spy on almost any website. It exploits a third previously unknown zero-day to secretly take screenshots.

The malware bypasses the permission prompt that macOS normally sends before allowing apps to record the screen, access the microphone and webcam, or open the user's storage.

The malware also searches for and infects other apps on the victim's computer that are frequently granted screensharing permission, such as Zoom, WhatsApp, and Slack. The malware is then able to "piggyback" on the legitimate app and use its permissions across macOS. It even signs a new certificate to the new app bundle to avoid detection by macOS's built-in cybersecurity.

According to the researchers who discovered the malware, the hackers are currently only using it to take screenshots of the victim's desktop. However, its capabilities would allow them to access the victim's microphone or webcam or capture keystrokes to steal passwords and credit card numbers.

Apple recently confirmed that it has fixed the bug in macOS 11.4 that allowed the malware to infect devices. Apple made the patch available as an update in May 2021. Zack Whittaker "Malware caught using a macOS zero-day to secretly take screenshots" techcrunch.com (May 24, 2021).

Commentary

The latest malware targeting macOS devices is a reminder of the importance of patching vulnerabilities and installing updates.

Always install updates to your operating system and apps as soon as they become available. Updates generally include patches for recently discovered vulnerabilities, meaning they help protect you against the latest malware.

Waiting even one day to install an update gives hackers, who may already have sent out millions of infected emails or have their malware waiting in numerous apps, plenty of time to infect your device.

Finally, your opinion is important to us. Please complete the opinion survey: