The Comprehensive Guide to iOS & macOS Security delivers battle‑tested techniques and practical hardening steps for every Apple device.

Grab your copy now and stay one step ahead of threats!
https://hackersarise.thinkific.com/courses/mac-security

#InfoSec #AppleSecurity #CyberDefense #iOS #macOS

The Comprehensive Guide to iOS & macOS Security delivers battle‑tested techniques and practical hardening steps for every Apple device.

Grab your copy now and stay one step ahead of threats!
https://hackersarise.thinkific.com/courses/mac-security

#InfoSec #AppleSecurity #CyberDefense #iOS #macOS

🧪 NEW BETA RELEASE 🧪

🔨 Xcode 26.1 RC (17B54)

#apple #cybersecurity #infosec #security #ios

🧪 NEW BETA RELEASE 🧪

🔨 Xcode 26.1 RC (17B54)

#apple #cybersecurity #infosec #security #ios

🧪 NEW BETA RELEASES 🧪

📱 iOS 18.7.2 RC (22H123)
📱 iOS 26.1 RC (23B82)
📱 iPadOS 18.7.2 RC (22H123)
📱 iPadOS 26.1 RC (23B82)
💻 macOS 26.1 RC (25B77)
📺 tvOS 26.1 RC (23J580)
🥽 visionOS 26.1 RC (23N48)
⌚ watchOS 26.1 RC (23S36)

#apple #cybersecurity #infosec #security #ios

🧪 NEW BETA RELEASES 🧪

📱 iOS 18.7.2 RC (22H123)
📱 iOS 26.1 RC (23B82)
📱 iPadOS 18.7.2 RC (22H123)
📱 iPadOS 26.1 RC (23B82)
💻 macOS 26.1 RC (25B77)
📺 tvOS 26.1 RC (23J580)
🥽 visionOS 26.1 RC (23N48)
⌚ watchOS 26.1 RC (23S36)

#apple #cybersecurity #infosec #security #ios

New.

"BlueNoroff (aka. Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima, and TA444) has adopted new infiltration strategies and malware sets over time, but it still targets blockchain developers, C-level executives, and managers within the Web3/blockchain industry."

Kaspersky: Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs https://securelist.com/bluenoroff-apt-campaigns-ghostcall-and-ghosthire/117842/ @Kaspersky #cybersecurity #infosec #macOS #Apple #malware

New.

"BlueNoroff (aka. Sapphire Sleet, APT38, Alluring Pisces, Stardust Chollima, and TA444) has adopted new infiltration strategies and malware sets over time, but it still targets blockchain developers, C-level executives, and managers within the Web3/blockchain industry."

Kaspersky: Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs https://securelist.com/bluenoroff-apt-campaigns-ghostcall-and-ghosthire/117842/ @Kaspersky #cybersecurity #infosec #macOS #Apple #malware

@mikkaels @Sarahp ROFL... LMAO EVEN!

#Sarcasm #Apple #iCloud #Backdoor #Malware #Privacy #ITsec #InfoSec #OpSec #ComSec #ITsec #CloudAct

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

BlueNoroff, a financially motivated threat actor, has been conducting two sophisticated campaigns dubbed GhostCall and GhostHire. GhostCall targets macOS devices of tech executives and venture capitalists through fake Zoom-like meetings, while GhostHire targets Web3 developers through fake recruitment processes. Both campaigns utilize various malware chains, including ZoomClutch, DownTroy, CosmicDoor, RooTroy, and SilentSiphon. The attacks involve social engineering, AI-enhanced images, and multi-stage malware deployment across Windows, macOS, and Linux systems. BlueNoroff has expanded its focus beyond cryptocurrency theft to comprehensive data acquisition, enabling supply chain attacks and leveraging established trust relationships for broader impact.

Pulse ID: 69003b85c217870cc5794cc6
Pulse Link: https://otx.alienvault.com/pulse/69003b85c217870cc5794cc6
Pulse Author: AlienVault
Created: 2025-10-28 03:41:57

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlueNoroff #CyberSecurity #InfoSec #Linux #Mac #MacOS #Malware #OTX #OpenThreatExchange #Rust #SocialEngineering #SupplyChain #Web3 #Windows #Zoom #bot #cryptocurrency #developers #AlienVault

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

BlueNoroff, a financially motivated threat actor, has been conducting two sophisticated campaigns dubbed GhostCall and GhostHire. GhostCall targets macOS devices of tech executives and venture capitalists through fake Zoom-like meetings, while GhostHire targets Web3 developers through fake recruitment processes. Both campaigns utilize various malware chains, including ZoomClutch, DownTroy, CosmicDoor, RooTroy, and SilentSiphon. The attacks involve social engineering, AI-enhanced images, and multi-stage malware deployment across Windows, macOS, and Linux systems. BlueNoroff has expanded its focus beyond cryptocurrency theft to comprehensive data acquisition, enabling supply chain attacks and leveraging established trust relationships for broader impact.

Pulse ID: 69003b85c217870cc5794cc6
Pulse Link: https://otx.alienvault.com/pulse/69003b85c217870cc5794cc6
Pulse Author: AlienVault
Created: 2025-10-28 03:41:57

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlueNoroff #CyberSecurity #InfoSec #Linux #Mac #MacOS #Malware #OTX #OpenThreatExchange #Rust #SocialEngineering #SupplyChain #Web3 #Windows #Zoom #bot #cryptocurrency #developers #AlienVault

@mikkaels @Sarahp ROFL... LMAO EVEN!

#Sarcasm #Apple #iCloud #Backdoor #Malware #Privacy #ITsec #InfoSec #OpSec #ComSec #ITsec #CloudAct

@mikkaels @Sarahp ROFL... LMAO EVEN!

#Sarcasm #Apple #iCloud #Backdoor #Malware #Privacy #ITsec #InfoSec #OpSec #ComSec #ITsec #CloudAct

Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C

The Water Saci campaign has evolved, now utilizing an email-based command and control infrastructure and multi-vector persistence for resilience. The new attack chain employs script-based techniques, including VBS downloaders and PowerShell scripts, to hijack WhatsApp Web sessions and automate malware distribution. It features sophisticated remote control capabilities, allowing real-time management of infected machines as a coordinated botnet. The malware implements extensive anti-analysis measures and targets Portuguese-language systems. Its email-based C&C system uses IMAP connections to retrieve commands, complemented by an HTTP-based polling mechanism for ongoing communication. The campaign shares similarities with the Coyote banking trojan, suggesting possible links within the Brazilian cybercriminal ecosystem.

Pulse ID: 68ff8dd035041c4143f2889b
Pulse Link: https://otx.alienvault.com/pulse/68ff8dd035041c4143f2889b
Pulse Author: AlienVault
Created: 2025-10-27 15:20:48

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Bank #BankingTrojan #Brazil #CandC #Coyote #CyberSecurity #Email #HTTP #InfoSec #Mac #Malware #OTX #OpenThreatExchange #PowerShell #Trojan #VBS #WhatsApp #bot #botnet #AlienVault

Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C

The Water Saci campaign has evolved, now utilizing an email-based command and control infrastructure and multi-vector persistence for resilience. The new attack chain employs script-based techniques, including VBS downloaders and PowerShell scripts, to hijack WhatsApp Web sessions and automate malware distribution. It features sophisticated remote control capabilities, allowing real-time management of infected machines as a coordinated botnet. The malware implements extensive anti-analysis measures and targets Portuguese-language systems. Its email-based C&C system uses IMAP connections to retrieve commands, complemented by an HTTP-based polling mechanism for ongoing communication. The campaign shares similarities with the Coyote banking trojan, suggesting possible links within the Brazilian cybercriminal ecosystem.

Pulse ID: 68ff8dd035041c4143f2889b
Pulse Link: https://otx.alienvault.com/pulse/68ff8dd035041c4143f2889b
Pulse Author: AlienVault
Created: 2025-10-27 15:20:48

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Bank #BankingTrojan #Brazil #CandC #Coyote #CyberSecurity #Email #HTTP #InfoSec #Mac #Malware #OTX #OpenThreatExchange #PowerShell #Trojan #VBS #WhatsApp #bot #botnet #AlienVault

🚀 Sync-in Server 1.8 is out!

🌍 14 languages supported
⚡ Better for small systems (e.g. Raspberry Pi)
🖼️ 3× faster photo thumbnails
🔍 Full-text search with flexible indexing
📊 Storage quotas incl. external data
🐳 Lighter Docker image

📖 https://sync-in.com/news/sync-in-server-1-8

#release #opensource #foss #selfhosting #selfhosted #security #linux #privacy #logicielslibres #libre #collaboration #mfa #2fa #authentification #cybersecurity #infosec #nodejs #typescript #devops #opensourcecommunity

🚀 Sync-in Server 1.8 is out!

🌍 14 languages supported
⚡ Better for small systems (e.g. Raspberry Pi)
🖼️ 3× faster photo thumbnails
🔍 Full-text search with flexible indexing
📊 Storage quotas incl. external data
🐳 Lighter Docker image

📖 https://sync-in.com/news/sync-in-server-1-8

#release #opensource #foss #selfhosting #selfhosted #security #linux #privacy #logicielslibres #libre #collaboration #mfa #2fa #authentification #cybersecurity #infosec #nodejs #typescript #devops #opensourcecommunity

Your iPhone isn't as secure as you think!

Learn to defend against Pegasus spyware, zero-click exploits, and advanced threats targeting Apple devices.

From FileVault to firmware locks - master iOS and Mac security before attackers do.
https://hackersarise.thinkific.com/courses/mac-security

#infosec #ios #macos #apple #cybersecurity #technology #pegasus #malware

Your iPhone isn't as secure as you think!

Learn to defend against Pegasus spyware, zero-click exploits, and advanced threats targeting Apple devices.

From FileVault to firmware locks - master iOS and Mac security before attackers do.
https://hackersarise.thinkific.com/courses/mac-security

#infosec #ios #macos #apple #cybersecurity #technology #pegasus #malware

2/n #infosec #IdentityTheft
tl;dr My #bankofamerica accounts (checking, credit cards) were compromised, and my #Apple ID, my spouse’s Apple ID, and possibly a lot more. It is an ongoing process.

The thieves were actively testing my accounts by seeing how much they could “pull” via bank transfers when security shut everything down. It was a VERY close call -- my IRA and other other financial accounts were linked in. I could have lost everything.

Read on for lessons learned…

(continued)