BleepingComputer reports that threat actors could exploit a macOS vulnerability to distribute malware that bypasses Gatekeeper's application execution restrictions without being detected.
The flaw, dubbed Achilles and tracked as CVE-2022-42821, has already been addressed by Apple in macOS 13, 12.6.2, and 11.7.2.
Microsoft Principal Security Researcher Jonathan Bar Or, who discovered and reported Achilles, found that it lets malicious payloads exploit a logic issue involving restrictive Access Control Lists to evade the Gatekeeper security feature.
"Apple's Lockdown Mode, introduced in macOS Ventura as an optional protection feature for high-risk users that might be personally targeted by a sophisticated cyberattack, is aimed to stop zero-click remote code execution exploits, and therefore does not defend against Achilles. End-users should apply the fix regardless of their Lockdown Mode status," said the Microsoft Security Threat Intelligence team.
Vulnerabilities bypassing Gatekeeper have been identified previously, including the Shrootless flaw, also reported by Bar Or, which enables System Integrity Protection evasion to facilitate arbitrary operation execution and rootkit installation.

Nansen impacted by third-party breach

BleepingComputer reports that Ethereum blockchain analytics firm Nansen has disclosed that its third-party authentication provider was impacted by a data breach, which resulted in the compromise of data from 6.8% of its user base over a 48-hour period.