Uptycs Blog

Welcome! The Uptycs blog is for security professionals and osquery enthusiasts interested in exploring new ideas in cloud security. We hope you’ll enjoy our blog enough to subscribe and share.

When Gatekeeper looks the other way: Alerting on the new macOS vulnerability [April 2021]

Earlier this week Apple issued an update to macOS Big Sur, bringing it up to version 11.3. This update included a security fix for a vulnerability in the macOS Gatekeeper security system, assigned the ID CVE-2021-30657. The vulnerability was disclosed to Apple by macOS security researcher Cedric Owens (Twitter: @cedowens, GitHub: cedowens).

Silver Sparrow macOS malware detection with Uptycs

Late last week cybersecurity company Red Canary published an article revealing a new strain of macOS malware they discovered. Looking at data provided by Malwarebytes they determined that this new malware, which they dubbed “Silver Sparrow,” had already infected nearly 30,000 macOS endpoints around the world.

Osquery: What it is, how it works, and how to use it

Maintaining visibility into infrastructure and operating systems is critical for all organizations today—compliance, security, and your bottom line depend on it.

macOS Bundlore: Is New Code Being Tested in Old Adware?

macOS Bundlore is one of the most popular macOS adware installers. It either comes bundled with pirated applications or arrives from the web, prompting users to install or update Flash. Though most browsers now offer only limited support for Flash, it remains a favorite mechanism for infecting systems.

[Infographic] MacOS native security configurations and osquery

Be it for macOS or my dog eating out of the trash, there is no such thing as a bullet-proof security policy. It’s all about creating a threshold of standards, something to work off of while simultaneously reducing overall risk (you know, like storing your trash can on the counter, for example).

Checking MDS/Zombieload mitigations on macOS with osquery

As part of a pretty crazy week for security updates (Microsoft/RDS, Apple/Mojave/High Sierra, Adobe Acrobat/Flash Player), some new speculative execution vulnerabilities were disclosed and fixed.