Mac malware is still crude, but it’s slowly catching up to its Windows rivals

(credit: Patrick Wardle)

Malicious Microsoft Word documents that abuse macros have long been the bane of Windows users. Now, security researchers have found what may be the first such real-world attack to infect Macs. The attack was found in a Word file titled “U.S. Allies and Rivals Digest Trump’s Victory – Carnegie Endowment for International Peace.” When Mac users open the document in a Word application configured to allow macros and ignore a warning, an embedded macro automatically:

- checks to make sure the LittleSnitch security firewall isn’t running
- downloads an encrypted payload from hxxps://www.securitychecking.org:443/index.asp
- decrypts the payload using a hard-coded key and executes the payload

The code contained in the macro is written in the Python programming language. It was taken almost verbatim from EmPyre, an open-source exploit framework for Macs. By the time the researchers found the booby-trapped document, securitychecking.org was no longer serving the payload, so it wasn’t possible to know precisely what it did. But the EmPyre component the macro borrowed allowed for persistent infections with a wide range of capabilities, including monitoring webcams, stealing passwords and encryption keys stored in the keychain, and accessing browsing histories.
Microsoft announced on Thursday that it is open sourcing PowerShell, its system administration, scripting, and configuration management tool that has been a default part of Windows for several years. The company says it will soon release PowerShell on Mac and Linux platforms. PCWorld reports: The company is also releasing alpha versions of PowerShell for Linux (specifically Ubuntu, CentOS and Red Hat) and Mac OS X. A new PowerShell GitHub page gives people the ability to download binaries of the software, as well as access to the app’s source code. PowerShell on Linux and Mac will let people who have already built proficiency with Microsoft’s scripting language take those skills and bring them to new platforms. Meanwhile, people who are used to working on those platforms will have access to a new and very powerful tool for getting work done. It’s part of Microsoft’s ongoing moves to open up products that the company has previously kept locked to platforms that it owned. The company’s open sourcing of its .NET programming frameworks in 2014 paved the way for this launch, by making the building blocks of PowerShell available on Linux and OS X. By making PowerShell available on Linux, Microsoft has taken the skills of Windows administrators who are already used to the software, and made them more marketable. It has also made it possible for hardcore Linux users to get access to an additional set of tools that they can use to manage a variety of systems.
Apple services went offline for up to 7 hours Thursday — and the company has yet to offer an explanation. An anonymous reader writes: The outage affected the App Store, iTunes in the Cloud, Apple TV, Mail Drop, Find my iPhone, and Photos. During the outage, Apple responded to complaints on Twitter, “Thank you for the information. We’re aware of this issue and are investigating.” Tech Times reports that the iCloud Music Library had also experienced an outage on Wednesday, and that just weeks ago Apple released an operating system update which bricked several iPad Pros. And yesterday Amazon also experienced a service outage.
An anonymous reader writes: Humble Bundle announced a special “pay what you want” sale for four ebooks from No Starch Press, with proceeds going to the Electronic Frontier Foundation (or to the charity of your choice). This “hacker edition” sale includes two relatively new titles from 2015 — “Automate the Boring Stuff with Python” and Violet Blue’s “Smart Girl’s Guide to Privacy” — as well as “Hacking the Xbox: An Introduction to Reverse Engineering” by Andrew “bunnie” Huang, and “The Linux Command Line”. Hackers who are willing to pay “more than the average” — currently $14.87 — can also unlock a set of five more books, which includes “The Maker’s Guide to the Zombie Apocalypse: Defend Your Base with Simple Circuits, Arduino, and Raspberry Pi”. (This level also includes “Bitcoin for the Befuddled” and “Designing BSD Rootkits: An Introduction to Kernel Hacking”.) And at the $15 level — just 13 cents more — four additional books are unlocked. “Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software” is available at this level, as well as “Hacking: The Art of Exploitation” and “Black Hat Python.” Nice to see they’ve already sold 28,506 bundles, which are DRM-free and available in PDF, EPUB, and MOBI format. (I still remember Slashdot’s 2012 interview with Make magazine’s Andrew “bunnie” Huang, who Samzenpus described as “one of the most famous hardware and software hackers in the world.”)