Share This:

What is the Issue:

Due to a flaw in Apple’s code-signing API, hackers have been able to manipulate the code-signing process to enter malicious code into MacOS systems. Third-party security tools were unable to detect the issue as the malicious codes were signed off by Apple, making it seem as if it was a trusted source. The malicious code would stay on a user’s system until Apple sent out a patch for it, which could take extended periods of time.

Why is this noteworthy:

It’s reported that hackers have been able to perform this exploit on MacOS systems for years now. If a company has had exposure to this attack, their systems may be at risk of hackers having direct access to all of their system files.

What is the exposure or risk:

Security tools built into MacOS are unaffected, however system files are still at risk.The two most common forms of infiltration have been through phishing attacks or file-sharing. If a hacker is able to breach a companies’ system hackers have access to all of a systems personal and financial information.

What are the recommendations:

SKOUT recommends having MacOS users update software to the most current version, and avoid clicking on any emails containing unfamiliar or suspicious links.

References:
  1. https://thehackernews.com/2018/06/apple-mac-code-signing.html
  2. https://www.darkreading.com/vulnerabilities—threats/macos-bypass-flaw-lets-attackers-sign-malicious-code-as-apple/d/d-id/1332031

If you have any questions, please contact our Security Operations Center.


Share This:

Posted by Doris Au

Doris is a product marketing manager at Barracuda MSP. In this position, she is responsible for connecting managed service providers with multi-layered security and data protection products that can protect their customers from today’s advanced cyber threats.

Leave a reply

Your email address will not be published.