Yet another flaw in Apple’s “iamroot” bug fix

Credit to Author: Thomas Reed| Date: Mon, 04 Dec 2017 17:05:12 +0000

Flaws in Apple’s response to the “iamroot” vulnerability show that some systems can remain vulnerable even after applying the patch.

Categories:

Tags:

(Read more…)

The post Yet another flaw in Apple’s “iamroot” bug fix appeared first on Malwarebytes Labs.

Read more

Serious macOS vulnerability exposes the root user

Credit to Author: Thomas Reed| Date: Wed, 29 Nov 2017 16:00:02 +0000

A major macOS vulnerability in High Sierra was reported. Anyone can log in as “root” with an empty password. Learn more.

Categories:

Tags:

(Read more…)

The post Serious macOS vulnerability exposes the root user appeared first on Malwarebytes Labs.

Read more

A week in security (September 25 – October 01)

Credit to Author: Malwarebytes Labs| Date: Mon, 02 Oct 2017 16:59:47 +0000

A compilation of security news and blog posts from the 25th of September to the 1st of October. We touched on that new macOS High Sierra keychain vulnerability, the Deloitte breach, BlueBorne, crypto mining, and others.

Categories:

Tags:

(Read more…)

The post A week in security (September 25 – October 01) appeared first on Malwarebytes Labs.

Read more

Keychain vulnerability in macOS

Credit to Author: Thomas Reed| Date: Tue, 26 Sep 2017 18:11:06 +0000

On Monday, Patrick Wardle, a respected security researcher at Synack and owner of Objective-See, sent a tweet about a keychain vulnerability he had found in macOS High Sierra. As his tweet showed, it is possible for a malicious app to extract, and then exfiltrate, keychain data from High Sierra, with passwords clearly exposed in plain text.

Categories:

Tags:

(Read more…)

The post Keychain vulnerability in macOS appeared first on Malwarebytes Labs.

Read more