New Mac malware raises more questions about Apple’s security patching

Discussion in 'all things Mac' started by Rasheed187, Nov 18, 2021.

  1. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
  2. Rasheed187

    Rasheed187 Registered Member

    As most of us know, in Windows we can easily tackle most of these "drive-by" attacks with stuff like anti-exploit, anti-executable, HIPS and virtualization. But do you guys know of any similar tools on the macOS? I have searched for it, but couldn't find any, besides third-party AVs and firewalls, but I'm talking about specialized tools. And please don't come with that nonsense about not needing any third-party anti-malware tools on Unix, stay on topic please. :p
     
  3. Rasheed187

    Rasheed187 Registered Member

    And BTW, I have looked for macOS security apps on this site, but most of them seem to be quite basic. I'm looking for tools similar to HitmanPro.Alert, OSArmor, SpyShelter and Sandboxie for example. Perhaps some macOS guru knows about them.

    https://www.macupdate.com/explore/categories/security
     
  4. ParadigmShift

    ParadigmShift Registered Member

    Joined:
    Aug 7, 2008
    Posts:
    241
    This is a pretty good site for Mac security:

    Objective-See

    I have been using BlockBlock
     
  5. Rasheed187

    Rasheed187 Registered Member

    Yes, I knew about Objective-See, it's just about the only company focused on making behavior blocking tools for the macOS. But they are still not as advanced as third party tools on Windows. Makes you wonder if it's even possible to develop tools similar to SpyShelter and HMPA on the macOS.
     
  6. Rasheed187

    Rasheed187 Registered Member

    And BTW, seems like their tools were good enough to interfere with the backdoor malware that was dropped via the Safari and macOS zero day exploit. This backdoor was able to get persistence on the system and seems like it bypassed macOS built-in security like Gatekeeper and XProtect.

    https://objective-see.com/blog/blog_0x69.html
     
  7. ParadigmShift

    ParadigmShift Registered Member

    It's good to see that. I've been using BlockBlock since back in its Beta days. Good stuff.
     
  8. Rasheed187

    Rasheed187 Registered Member

    Yes, sometimes it does pay off to use third-party tools, even on the macOS. Of course on the macOS it's less likely that you will encounter malware, but if it does happen, it's nice to have a bit more advanced mitigation tools. And even though Gatekeeper and XProtect are probably good enough to block most malware, they still seem to be a bit basic. But I haven't got a clue if third-party AVs would do any better.
     