Critical Zero-Day Flaw in macOS Reveals Passwords in Plaintext

macOS High Sierra

There’s a critical zero-day bug in macOS High Sierra, Sierra, and El Capitan. It allows attackers to export data from Apple’s Keychain in plaintext, with the user none the wiser.

The post Critical Zero-Day Flaw in macOS Reveals Passwords in Plaintext appeared first on ExtremeTech.

The original article can be found here: https://www.extremetech.com/computing/256453-apples-macos-critical-0-day-flaw-allows-plaintext-password-extraction?source=Computing

Powered by WPeMatico

Linux flaw puts 1.4 billion Android devices at risk of spying attack, experts warn

A Linux flaw that lets attackers hijack internet traffic also affects nearly 80 percent of Android devices, security researchers warn.

The original article can be found here: http://www.foxnews.com/tech/2016/08/16/linux-flaw-puts-1-4-billion-android-devices-at-risk-spying-attack-experts-warn.html

Powered by WPeMatico

Identity thieves used thousands of stolen SSNs to generate IRS e-filing pins

Attackers using malware and stolen personal information managed to generate 101,000 e-filing PIN numbers, according to the IRS.

The original article can be found here: http://www.foxnews.com/tech/2016/02/10/identity-thieves-used-thousands-stolen-ssns-to-generate-irs-e-filing-pins.html

Powered by WPeMatico

Apple to patch actively-exploited privilege escalation bug in OS X 10.10.5 – report

A recently-discovered flaw in Apple’s desktop operating system that allows attackers to gain root-level access without requiring users’ passwords will be reportedly be fixed in the final release of OS X 10.10.5, which is already in beta.

The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/48bb0baa/sc/15/l/0Lappleinsider0N0Carticles0C150C0A80C0A50Capple0Eto0Epatch0Eactively0Eexploited0Eprivilege0Eescalation0Ebug0Ein0Eos0Ex0E10A10A50E0E0Ereport/story01.htm

Powered by WPeMatico

New 'IP Box' tool bypasses 10-try limit for PINs on older iOS versions, automates brute force attacks

A relatively new $300 device could allow attackers to crack the PIN codes on out-of-date iPhones or iPads, taking advantage of a flaw in iOS versions older than 8.1.1 that allows unlimited attempts at PIN entry, even when users enable Apple’s 10-try limit.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/4487de0f/sc/4/l/0Lappleinsider0N0Carticles0C150C0A30C180Cnew0Eip0Ebox0Etool0Ebypasses0E10A0Etry0Elimit0Efor0Epins0Eon0Eolder0Eios0Eversions0Eautomates0Ebrute0Eforce0Eattacks/story01.htm

Powered by WPeMatico

Phishing Scam Ensnares eBay Shoppers


Attackers for months have been using eBay listings to redirect visitors to password-harvesting scam sites. They use cross-site scripting to hijack eBay shoppers and trick them into handing over personal data. Smartphones, televisions, hot tubs and clothing are among the items supposedly for sale in listings infected with malicious Javascript code. When users click on the listings, the code redirects them through a series of other websites to a page requesting their eBay log-in and password.

The original article can be found here: http://www.ecommercetimes.com/story/81082.html?rss=1

Powered by WPeMatico

New Flash flaw could let attackers control Macs, Adobe urges users to update

Adobe on Monday disclosed a new vulnerability in its Flash platform that may allow attackers to remotely take over and control Macs, PCs, and Linux machines and advised users to update their system as quickly as possible.



The original article can be found here: http://appleinsider.com.feedsportal.com/c/33975/f/616168/s/39d89d3a/sc/21/l/0Lappleinsider0N0Carticles0C140C0A40C280Cnew0Eflash0Eflaw0Ecould0Elet0Eattackers0Econtrol0Emacs0Eadobe0Eurges0Eusers0Eto0Eupdate/story01.htm

Powered by WPeMatico