Tag Archives: Macbook

Breaking: Wikileaks reveals CIA's Apple MacOS and iPhone Hacking Techniques

As part of its “Vault 7” series, Wikileaks — the popular whistle-blowing platform — has just released another batch of classified documents focused on exploits and hacking techniques the Central Intelligence Agency (CIA) designed to target Apple MacOS and iOS devices.

Dubbed “Dark Matter,” the leak uncovers macOS vulnerabilities and attack vectors developed by a special division of the CIA

Why Apple security myths pervade

Last week I received an email from our IT Crowd reminding me (and others) to please update our iPhones to the new iOS version 8.4.1 immediately, for security reasons. Apparently, a zero-day sandbox violation from earlier in the year was finally being fixed by Apple with this update – yet Apple’s notification said only “improvements and fixes to Apple Music.”

The post Why Apple security myths pervade appeared first on Avira Blog.

Don’t Let Your Mac Fall Asleep: It Might Dream Up A Rootkit

Just last month we talked about how the “Unicode of Death” crashes your iPhones and Apple Watches, how easily Apple Safari can be manipulated via URL-Spoofing and the Ex-NSA guy who pointed to Mac security flaws.

Now Pedro Vilaca, a security expert who is deep into Mac OS X and iOS security, found another not so great looking vulnerability. Take a look at what he wrote on his blog: “Well, Apple’s S3 suspend-resume implementation is so f*cked up that they will leave the flash protections unlocked after a suspend-resume cycle. !?#$&#%&!#%&!#.

And you ask, what the hell does this mean? It means that you can overwrite the contents of your BIOS from userland and rootkit EFI without any other trick other than a suspend-resume cycle, a kernel extension, flashrom, and root access.”

Wow. So basically it is possible to install a rootkit on a Mac without much of an effort. Just wait until the machine enters sleep mode for at least 30 seconds or more so the Flash locks are removed. Once gone the device is yours. With the Flash locks gone you can play around with the UEFI code and well … for example install a rootkit. The only way to protect yourself from it is to never let your Apple device go into sleep mode.

Luckily not all devices seem to be affected. Vilaca tested the issue against a MacBook Pro Retina, a MacBook Pro 8,2, and a MacBook Air, all running the latest EFI firmware available. All of them were vulnerable. There is a shimmer of hope though: The latest MacBooks might have been silently fixed by Apple, since the security expert was not able to replicate the vulnerability there.

The post Don’t Let Your Mac Fall Asleep: It Might Dream Up A Rootkit appeared first on Avira Blog.