What is the Issue:
Due to a flaw in Apple’s code-signing API, hackers have been able to manipulate the code-signing process to introduce malicious code into macOS systems. Third-party security tools were unable to detect the issue because the malicious code was signed off by Apple, making it seem as if it came from a trusted source. The malicious code would stay on a user’s system until Apple sent out a patch for it, which could take an extended period of time.
Why is this noteworthy:
It’s reported that hackers have been able to perform this exploit on macOS systems for years now. If a company has been exposed to this attack, its systems may be at risk of hackers having direct access to all of its system files.
What is the exposure or risk:
Security tools built into macOS are unaffected; however, system files are still at risk. The two most common forms of infiltration have been phishing attacks and file-sharing. If a hacker is able to breach a company’s system, they have access to all of the system’s personal and financial information.
What are the recommendations:
SKOUT recommends that macOS users update their software to the most current version and avoid clicking on any emails containing unfamiliar or suspicious links.
If you have any questions, please contact our Security Operations Center.