Two weird ways your iPhone or Mac can be hacked

By: Adrian Kingsley-Hughes

For most people, the security that Apple has baked into an iPhone or Mac is more than enough. But determined criminals can find creative ways to bypass the locks to get at your data. Should you be worried?

For the majority of users, the security offered by iOS and macOS is more than enough, and they can go about their day-to-day business secure in the knowledge that their data is safe.

But determined criminals can find a way around these safeguards, and while these two hacks are impractical for widespread use, they go to show just how creative ne’er-do-wells can be when it comes to cracking security measures.

First, let’s look at how a cable can be used to hack a Mac. Enter the O.MG Cable. This is an Apple Lightning charging cable with a twist. That twist is that it has been custom-modified with electronics that allow it to be used to access any Mac it has been connected to over a Wi-Fi network.

“In the end, I was able to create 100 percent of the implant in my kitchen and then integrate it into a cable. And these prototypes at DEF CON were mostly done the same way,” MG, the creator of the cable, told Vice.

The cables retail for $200 each.

The O.MG Cable also features a remote kill switch as a way to hide its existence.

How do you prevent these sorts of hacks? Use your own cable (customize it in a way unique to you so it can’t be surreptitiously replaced) and don’t plug charging cables into computers.

As for hacking into an iPhone, security researchers at the Black Hat hacker convention in Las Vegas managed to bypass the iPhone’s Face ID authentication system in 120 seconds.

More: https://www.zdnet.com/article/two-weird-ways-your-iphone-or-mac-can-be-hacked/

Critical MacOS Mojave vulnerability bypasses system security

By: Michael Archambault

With the launch of a new version of macOS from Apple typically comes a culmination of new features, better performance, and enhanced security. Unfortunately, the previous statement might not necessarily be true as security researcher Patrick Wardle, co-founder of Digita Security, has discovered that MacOS Mojave includes a severe security flaw; the bug is currently present on all machines running the latest version of macOS and allows unauthorized access to a users’ private data.

Wardle announced his discovery on Twitter, showcasing that he could easily bypass macOS Mojave’s built-in privacy protections. Due to the flaw, an unauthorized application could circumvent the system’s security and gain access to potentially sensitive information. With the Twitter post, Wardle also included a one-minute Vimeo video showing the hack in progress.

The short video begins with Wardle attempting to access a user’s protected address book and receiving a message that states the operation is not permitted. After accessing and running his bypass program, breakMojave, Wardle is then able to locate the user’s address book, circumvent the machine’s privacy access controls, and copy the address book’s contents to his desktop — no permissions needed.

Wardle is an experienced security researcher who has worked at NASA and the National Security Agency in his past; he notes that one of his current passions is finding MacOS security flaws before others have the chance. While it is unlikely Wardle will release the app as a malicious tool, he does want to spread knowledge of its existence so that Apple addresses the issue in a timely fashion.

More: https://www.digitaltrends.com/computing/macos-mojave-vulnerability

 

Grupo Lazarus ataca bolsa de criptomoedas usando malware no macOS

By: TI Inside Online

Especialistas da Kaspersky Lab e membros da Equipe de Pesquisa e Análise Global (GReAT), descobriram o AppleJeus – uma nova operação maliciosa do implacável grupo Lazarus. Os criminosos invadiram a rede de uma bolsa de criptomoeda na Ásia usando um software de negociação de moedas criptografadas transformado em cavalo de Troia. O objetivo do ataque era roubar criptomoedas das vítimas. Além do malware para Windows, os pesquisadores conseguiram identificar uma versão ainda desconhecida direcionada à plataforma macOS.

Esta foi a primeira vez que os pesquisadores da Kaspersky Lab observaram o famoso grupo Lazarus distribuindo um malware que visa usuários do macOS. Isso é um alerta para todos que usam esse sistema operacional para atividades que envolvem moedas criptografadas. De acordo com a análise dos pesquisadores do GReAT, a invasão da infraestrutura da bolsa de valores começou quando um funcionário da empresa baixou, de forma inocente, um aplicativo de terceiros de um site que parecia ser de um desenvolvedor de software de comercialização de criptomoeda.

O código do aplicativo não levanta suspeitas, exceto por conter um componente de atualização. Em softwares legítimos, esses componentes são usados para baixar novas versões do programa. No caso do AppleJeus, ele atua como um módulo de reconhecimento: primeiro, coleta informações básicas do computador em que foi instalado. Depois, envia essas informações para o servidor de comando e controle e, se os invasores decidirem que vale a pena invadir o computador, o código malicioso retorna na forma de uma atualização de software.

Mais: http://tiinside.com.br/tiinside/home/internet/27/08/2018/grupo-lazarus-ataca-bolsa-de-criptomoedas-usando-malware-no-macos/

ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability

By: Mohit Kumar

Your Mac computer running the Apple’s latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday.

Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that could allow a malicious application installed in the targeted system to virtually “click” objects without any user interaction or consent.

To know, how dangerous it can go, Wardle explains: “Via a single click, countless security mechanisms may be completely bypassed. Run untrusted app? Click…allowed. Authorize keychain access? Click…allowed. Load 3rd-party kernel extension? Click…allowed. Authorize outgoing network connection? click …allowed.”

Wardle described his research into “synthetic” interactions with a user interface (UI) as “The Mouse is Mightier than the Sword,” showcasing an attack that’s capable of ‘synthetic clicks’—programmatic and invisible mouse clicks that are generated by a software program rather than a human.

macOS code itself offers synthetic clicks as an accessibility feature for disabled people to interact with the system interface in non-traditional ways, but Apple has put some limitations to block malware from abusing these programmed clicks.

More: https://thehackernews.com/2018/08/macos-mouse-click-hack.html

Hackers disseminam vírus de macOS em grupos de bate-papo do Slack e Discord sobre criptomoedas

By: Altieres Rohr

Especialistas em segurança da DutchSec e da Malwarebytes analisaram um código malicioso distribuído em canais de bate-papo que abordam assuntos relacionados a criptomoedas como o Bitcoin e que, portanto, atinge usuários com interesse nesse assunto. A praga digital foi programada para computadores macOS da Apple (tais como o MacBook, o iMac e o Mac mini) e dá o controle total do computador infectado ao hacker.

Para convencer as vítimas a instalarem o vírus, os criminosos se disfarçam de moderadores ou membros da equipe dos canais e sugerem o uso de um comando especial que, segundo eles, resolveria problemas técnicos que as pessoas estariam enfrentando. O comando, porém, é responsável por baixar o programa malicioso e executá-lo com permissão total (“root”).

Os especialistas batizaram o vírus de OSX.Dummy (uma palavra em inglês que pode ser traduzida como “bobo”, “leigo” ou “burrinho”) pela falta de sofisticação do código malicioso e do ataque. No entanto, o ataque chama atenção por atingir usuários de computadores da Apple, que raramente são atingidos por pragas digitais.

Uma vez instalado no computador, o vírus cede o controle total do sistema aos responsáveis pelo vírus. A praga também rouba a senha de “root” da vítima.

MacOS High Sierra Bug Lets Anyone Gain Root Access Without a Password

By: sikur

Capturar

by Mohit Kumar

November 28, 2017

If you own a Mac computer and run the latest version of Apple’s operating system, macOS High Sierra, then you need to be extra careful with your computer.

A serious, yet stupid vulnerability has been discovered in macOS High Sierra that allows untrusted users to quickly gain unfettered administrative (or root) control on your Mac without any password or security check, potentially leaving your data at risk.

Discovered by developer Lemi Orhan Ergin on Tuesday, the vulnerability only requires anyone with physical access to the target macOS machine to enter “root” into the username field, leave the password blank, and hit the Enter a few times—and Voila!

In simple words, the flaw allows an unauthorized user that gets physical access on a target computer to immediately gain the highest level of access to the computer, known as “root,” without actually typing any password.

Needless to say, this blindingly easy Mac exploit really scary stuff.

This vulnerability is similar to one Apple patched last month, which affected encrypted volumes using APFS wherein the password hint section was showing the actual password of the user in the plain text.

Here’s How to Login as Root User Without a Password

If you own a Mac and want to try this exploit, follow these steps from admin or guest account:

  • Open System Preferences on the machine.
  • Select Users & Groups.
  • Click the lock icon to make changes.
  • Enter “root” in the username field of a login window.
  • Move the cursor into the Password field and hit enter button there few times, leaving it blank.

With that (after a few tries in some cases) macOS High Sierra logs the unauthorized user in with root privileges, allowing the user to access your Mac as a “superuser” with permission to read and write to system files, including those in other macOS accounts as well.

MORE: https://thehackernews.com/2017/11/mac-os-password-hack.html

 

Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist Lorep ipsum Lorep ipsum, journalist