Simple technique bypassed macOS signature checks by third-party tools For almost 11 years, hackers have had an easy way to get macOS malware past the scrutiny of a host of third-party security tools by tricking them into believing the malicious wares were signed by Apple, researchers said Tuesday. Digital signatures are a core security function for all modern operating systems. The cryptographically generated signatures… Read More
‘Disappearing’ Signal Messages Are Stored Indefinitely on Mac Hard Drives One of Signal’s best features is that messages can be set to “self-destruct,” meaning there is no paper trail for conversations in the app. But with Signal’s default settings on a Mac, your friends’ messages appear—and live on—on the operating system’s notifications bar even if the message is set to self-destruct using Signal’s timer. These… Read More
Logs in High Sierra Show Plaintext Password for APFS Encrypted External Volumes It may not be noticeable at first (apart from the highlighting I’ve added of course), but the text “frogger13” is the password I used on a newly created APFS formatted FileVault Encrypted USB drive with the volume name “SEKRET”. (The new class images have a WarGames theme, hence the shout-outs to classic video games!) Source:… Read More