Red Canary researchers worked with their counterparts at Malwarebytes, with the latter group finding Silver Sparrow installed on 29,139 macOS endpoints as of Wednesday.

Telegram has fixed a security issue where self-destructing audio and video files were not being deleted from user's macOS devices as expected.While performing a Telegram security audit on macOS, Mishra discovered that standard chats would leak the sandbox path where received video and audio files are stored.

macOS uses OCSP to make sure that the developer certificate hasn’t been revoked before an app is launched.As Jeff Johnson explains in his tweet above, if macOS cannot reach Apple’s OCSP responder it skips the check and launches the app anyway - it is basically a fail-open behaviour.

A now-fixed exploit in the macOS version of Microsoft Office may have allowed attackers to hack a Mac user just by getting them to open a document.

Apple is releasing a new API to allow developers to add the new sign-in function to their apps for a more convenient way of logging in using Face ID without revealing additional personal information. The new sign-in feature is coming with Apple's new operating systems this fall and will be available across macOS, iOS, and through websites.

AES-GCM - exportKey. async function exportCryptoKey(key) { const exported = await window.crypto.subtle.exportKey( "raw", key ). async function decryptMessage(key) { let encoded = getMessageEncoding(); let decrypted = await window.crypto.subtle.decrypt({ name: "AES-GCM", iv: iv }, key, ciphertext ) .then(function (decrypted) { (new Uint8Array(encrypted)); }) .catch(function (err) { console.error(err); }); }.

Most recently, the team at Google has reported and publicly disclosed a “high severity” flaw in the macOS kernel which can grant an attacker access to a users computer without their knowledge.

A macOS privacy protection bypass flaw could allow potential attackers to access data stored in restricted folders on all macOS Mojave release up to the 10.14.3 Supplemental Update released on February 7.

How Brave Ads Work Opt-in Users who choose to see Brave Ads are presented with offers in the form of notifications as they browse the web, at a time that the browser finds appropriate and not disruptive.

USB images instead of ISO images We need your help to test the simplified installation methods of Tails that we will release with 3.12 on January 29.

Tor Browser 8.0.4 contains updates to Tor (0.3.4.9), OpenSSL (1.0.2q) and other bundle components. setting back the sandboxing level to 5 on Windows (the Firefox default), after working around some Tor Launcher interference causing a broken Tor Browser experience.