Mac security researchers expose two new exploits

Mac security researchers have disclosed two notable exploits that warrant attention from users and industry professionals alike. The first vulnerability was reported to Parallels seven months ago, and the company has announced fixes in Parallels Desktop versions 20.2.2 and 19.4.2, expected to roll out within the week. Apple silicon Macs are not affected by this flaw.

The second exploit, identified by the security firm Proofpoint, introduces a new malware strain known as FrigidStealer. This malware operates through a deceptive email strategy, where users are lured into clicking a URL that leads to a webpage displaying an alert about a necessary browser update. Upon clicking the “Update” button, an installer is downloaded to the user’s Mac, which, when opened via a specific method, circumvents macOS’s Gatekeeper security feature. This allows the malware to infiltrate the system, subsequently capturing sensitive information such as passwords, browser cookies, and data from Apple Notes.

How to protect yourself

To safeguard against such malware threats, users are advised to adhere to several best practices:

  • Avoid downloading software from unverified sources: Stick to the Mac App Store for vetted applications. If opting for third-party software, purchase directly from the developer’s website.
  • Exercise caution with email links: Refrain from clicking on links in emails or texts from unknown sources. Always verify the sender’s email address and inspect URLs carefully.
  • Utilize Control-click: When encountering suspicious links, use Control-click to copy the link and paste it into a text editor to reveal the actual URL.
  • Stay updated: Regularly install security patches and updates for both macOS and applications to ensure your system remains protected.

For those seeking further information, Macworld offers a variety of resources, including guides on antivirus software, a list of known Mac viruses, and comparisons of security solutions tailored for Mac users.

Author: Roman Loyola, Senior Editor, Macworld

Roman Loyola brings over three decades of experience in the tech industry, specializing in the Mac ecosystem. As a Senior Editor at Macworld and host of the Macworld Podcast, he has a rich history that began at MacUser, where he earned Apple certification as a repair technician. His career has also included roles at MacAddict, MacLife, and TechTV.
