Apple Mac users should update their macOS software now, since hackers are exploiting "one of the worst vulnerabilities" in the computer in years. Malware has been hitting Macs since at least January, making patching all the more urgent.
According to a macOS security expert, the hacks are taking Mac security back a decade and are one of the worst security issues to ever hit Apple. A logic error in the macOS code has led to hackers creating malware.
The caveat: the hackers have to get a user to download or run an app that’s not in the App Store or allowed by Apple. Once that’s done, the Mac’s defensive tools won’t stop the malware from installing. For anyone still running an unpatched macOS, expert advice is simple: “Don’t open anything from anybody.”
Although this can affect all the recent versions of macOS, Apple has released a patch that prevents the attacks. macOS Big Sur 11.3 is available now and contains other fixes besides addressing this bug.
An Apple spokesperson said the company has now addressed the issue in macOS 11.3 and updated XProtect, its malware detection, to block the malware using this technique. That XProtect update will happen automatically and retroactively apply to older versions of macOS.
Cases of ransomware have been increasing day by day, with hackers attacking everything from tech giants to government agencies. Washington DC's Metropolitan Police Department said its computer network has been breached in a targeted cyber-attack by a ransomware group called Babuk, which is threatening to release sensitive data on police informants if it is not contacted within three days.
Attackers can lock organizations' systems, then demand large amounts of money in return for ending the hack.
Given that a police department would hold tons of sensitive information and data, the FBI is investigating the extent of the breach.
Babuk is a Russian-speaking ransomware group that emerged earlier this year, and has downloaded "a sufficient amount of information" from the police department's internal networks, AP reports.
There are screenshots that are said to have been posted by the group on the dark web and shared on social media which suggest that they had gained access to information on criminal gang activity and police intelligence reports.
Even if the ransom is paid, there is a huge risk for organizations because the data has probably already been stolen and can then be sold or stored by the hackers.
In the United States, the FBI has permission to access privately owned computers without owners' knowledge or consent to delete software. It’s part of a government effort to contain attacks on corporate networks running Microsoft Exchange software.
The search warrant was approved by the courts and allows the FBI to access web shells, make copies for evidence, then delete the web shell. The FBI is accessing hundreds of these mail servers in corporate networks.
However, this sort of authority is raising questions as to how far the FBI and government can go to access private information, as well as the power of courts to regulate cybersecurity without the consent of the owners.
The type of software the FBI is deleting is malicious code installed by hackers to take control of a victim’s computer. Hackers have used the code to access private email messages and launch ransomware attacks. The authority the Justice Department relied on and the way the FBI carried out the operation set important precedents.
Due to the large number of unprotected systems in U.S. networks and the urgency of the threat, the FBI took on this operation.