A group of MacOS vulnerabilities—fixed by Apple at the end of last year—could allow an attacker to 'punch a hole' in your Safari browser, granting them access to your online accounts, to turn on your mic, or even take over your webcam. 😳
thing that happens when you have dozens of browser tabs open is you can't find the one that suddenly starts blasting random ads. But a group of macOS vulnerabilities—fixed by Apple at the end of last year—could have exposed your Safari tabs and other browser settings to attack, opening the door for hackers to grab control of your online accounts, turn on your microphone, or take over your webcam.
MacOS has built-in protections to prevent this sort of attack, including Gatekeeper, which confirms the validity of the software your Mac runs. Butgot around those safeguards by abusing iCloud and Safari features that macOS already trusts. While poking for potential weaknesses in Safari, independent security researcher Ryan Pickren started looking at iCloud's document-sharing mechanism because of the trust inherent between iCloud and macOS.
Once the hacker has staged the attack they can essentially take over Safari, see what the victim sees, access the accounts the victim is logged into, and abuse permissions the victim has granted websites to access their camera and microphone. An attacker could also access other files stored locally on the victim's Mac.
“The attacker is basically punching a hole in the browser,” says Ryan Pickren, the security researcher who disclosed the vulnerabilities to Apple. “So if you’re signed into Twitter.com on one tab I could jump into that and do everything you can from Twitter.com. But that’s nothing to do with Twitter’s servers or security, I as the attacker am just assuming the role that you already have in your browser.
日本 最新ニュース, 日本 見出し
Similar News:他のニュース ソースから収集した、これに似たニュース記事を読むこともできます。
2023 Porsche 911 Safari looks production-ready in new spy photosPorsche appears ready to debut its high-riding 911 Safari, judging by the state of the prototype captured in these spy photos.
続きを読む »
2023 Porsche 911 Safari spy shots: High-riding sports car hits the 'RingPorsche has said a high-riding 911 would be a good idea, and now one is being tested.
続きを読む »
Overheard at National Geographic: The Arctic Story Hunter on Apple PodcastsThis week on OverheardNatGeo photographer Evgenia Arbugaeva invites us to experience the unexpected beauty of her childhood home in the Siberian Arctic
続きを読む »
Apple patents new tech to potentially battle Bluetooth limitationsApple was just granted a brand new patent, which would require AirPods and might end up in the company's rumored AR/VR headset at some point.
続きを読む »
Apple Says He Hates Two Fan Bases of Two of His Former TeamsFans from both teams had some amazing responses on Twitter
続きを読む »
Apple will soon allow customers the option to repair their own iPhonesThis year, Apple will roll out a new self-service repair program.
続きを読む »