Apple revoked a legitimate developer certificate used by hackers behind malware dubbed OSX/Dok, which was able to eavesdrop on secure HTTPS traffic of infected systems. On Sunday, Apple also rolled out an update to its XProtect built-in antimalware software to fend off existing and upcoming OSX/Dok-type attacks. OSX/Dok was reported by Check Point last week. According to researchers, an infected system allowed a malicious third party to gain “complete access to all victim communication” including those protected by SSL. Check Point said it’s unclear how many systems may have been impacted by the malware.
View full story
ORIGINAL SOURCE: Threatpost