An Interest In:
Web News this Week
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
September 3, 2015 02:00 am
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/tkozIR-bScc/extremely-critical-os-x-keychain-vulnerability-steals-passwords-via-sms
"Extremely Critical" OS X Keychain Vulnerability Steals Passwords Via SMS
Mark Wilson writes: Two security researchers have discovered a serious vulnerability in OS X that could allow an attacker to steal passwords and other credentials in an almost invisible way. Antoine Vincent Jebara and Raja Rahbani — two of the team behind the myki identity management security software — found that a series of terminal commands can be used to extract a range of stored credentials. What is particularly worrying about the vulnerability is that it requires virtually no interaction from the victim; simulated mouse clicks can be used to click on hidden buttons to grant permission to access the keychain. Apple has been informed of the issue, but a fix is yet to be issued. The attack, known as brokenchain, is disturbingly easy to execute. Ars reports that this weakness has been exploited for four years.at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/tkozIR-bScc/extremely-critical-os-x-keychain-vulnerability-steals-passwords-via-sms
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot