Subj : One of Apple's basic security tools is failing at its job
To   : All
From : TechnologyDaily
Date : Mon Aug 14 2023 14:15:03

One of Apple's basic security tools is failing at its job

Date: Mon, 14 Aug 2023 12:59:54 +0000
Description: Experts reveal ways to bypass the Background Task Management and keep malware hidden.

FULL STORY
======================================================================

A security researcher has demonstrated how a cybersecurity tool built into macOS can easily be circumvented by somewhat sophisticated malware.

Presenting at the recent DEF CON hacking conference, Patrick Wardle outlined a way to bypass the macOS Background Task Management mechanism and stay out of sight while installing even more malware on the target endpoint.

Background Task Management is a built-in tool that has shipped with macOS since October 2023. It monitors installed programs and apps for persistence, which is often a telltale sign of malware. If it finds apps that persist - despite being repeatedly killed - it will notify the user, who can then scan the device for potential problems.

Three methods

Wardle found three ways to bypass this tool. One requires having root access to the device, which defeats the whole purpose somewhat (if a threat actor already has root access, they can make all kinds of changes).

The other two, however, don't require root access and can be used to disable the notifications. One relies on a bug in the way the alerting system communicates with the kernel. The other leverages the user's ability to put processes to sleep.

Wardle said he decided to take his findings to DEF CON instead of taking them to Apple, because he had already reached out to the company when it first debuted the tool, after finding a few flaws.
The company fixed the flaws, but did not address the root cause of the problem.

"We went back and forth, and eventually, they fixed that issue, but it was like putting some tape on an airplane as it's crashing," Wardle says. "They didn't realize that the feature needed a lot of work."

Whether or not Apple fixes the issues remains to be seen. At press time, the company is yet to address the findings.

Via: Wired

======================================================================
Link to news story:
https://www.techradar.com/pro/security/one-of-apples-basic-security-tools-is-failing-at-its-job

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)