
MacOS High Sierra zero-day shows Keychain passwords in plain text
MacOS users who are starting the upgrade to High Sierra – and those who are using El Capitan – are vulnerable to a proof-of-concept attack that shows their online passwords in plain text, according to Synack security researcher Patrick Wardle.
He discovered that Mac Keychain, a native password management tool, can store online account usernames and passwords in plain text, allowing malicious applications direct access to the account details. However, the Keychain is generally protected by a master password.
Wardle revealed the details in a video that showed a demonstration of the attack.
Malware variants becoming increasingly prevalent, sophisticated and evolved
Malware vendors look to marketing to spread Android RAT
Sophos Rapid Response puts out the ransomware fire
Check Point exposes Android malware vendor using dark net to rebrand products
A brief history of cyber-threats — from 2000 to 2020
Emotet remains leading malware in global threat index

As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study.

Check Point invests in local cloud capabilities in A/NZ
As public cloud usage in Australia and New Zealand grows, the company says it will continue to invest locally to support businesses.

Emotet remains leading malware in global threat index
The malware has impacted 7% of organisations globally, following a spam campaign which targeted more than 100,000 users per day during the holiday season.

Kaspersky steps in to protect automotive industry from cyber threats
The company’s TI report, previously available for a selected range of customers, is able to provide car manufacturers with in-depth analysis of industry-specific security threats.

Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave.

Red Hat to acquire Kubernetes-native security provider StackRox
Red Hat will further expand its security offering, adding StackRox's complementary capabilities to strengthen integrated security across its open hybrid cloud portfolio.