HackDig : Dig high-quality web security articles for hackers

Keychain, Apple’s Cloud-Based Tool That Safeguards Your Data

Safeguarding your company’s confidential information, in many cases, calls for having your employees create and properly manage a series of passwords. Not only should they choose complex credentials, but they should also vary among themselves. And they definitely should not be saved in easily accessible places, like a text document. Password managers come in
Publish At:2017-02-06 09:30 | Read:4253 | Comments:0 | Tags:Security Apple keychain passwords Cloud

EncFSGui – GUI Wrapper around encfs for OSX

Introduction3 weeks ago, I posted a rant about my frustration/concern related with crypto tools, more specifically the lack of tools to implement crypto-based protection for files on OSX, in a point-&-click user-friendly way.  I listed my personal functional and technical criteria for such tools and came to the con
Publish At:2016-02-01 10:20 | Read:5629 | Comments:0 | Tags:001_Security Crypto My Free Tools Scripts boxcryptor classic

Critical OS X flaw could be exploited to steal data from Keychain

Security researchers at MalwareBytes have discovered a new variant of an adware installer that is leveraging an old trick to access the Keychain on MAC OS X In July, researchers at Malwarebytes have identified a local privilege escalation (LPE) vulnerability in the Mac OS X operating system. The experts discovered that the fla
Publish At:2015-09-03 17:15 | Read:4061 | Comments:0 | Tags:Breaking News Hacking Keychain Mac OS X Malwarebytes exploit

Attacks accessing Mac keychain without permission date back to 2011

On Tuesday, Ars chronicled an OS X technique that's being actively used by an underhanded piece of adware to access people's Mac keychain without permission. Now there's evidence the underlying weakness has been exploited for four years.As documented by Twitter user @noarfromspace, the keychain-penetrating technique was carried out in 2011 by a piece of
Publish At:2015-09-02 19:45 | Read:2741 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab adware keychain

Sneaky adware caught accessing users’ Mac Keychain without permission

Last month, Ars chronicled a Mac app that brazenly exploited a then unpatched OS X vulnerability so the app could install itself without requiring people to enter system passwords. Now, researchers have found the same highly questionable installer is accessing people's Mac keychain without permission.Further Reading0-day bug in fully patched OS X comes u
Publish At:2015-09-02 02:10 | Read:3104 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

‘XARA’ Password Stealing Vulnerabilities Outlined in iOS, OSX

A group of researchers from Indiana University say that they’ve found a handful of vulnerabilities in both Apple’s OS X and iOS, and perhaps more worrisome, cracked the Keychain service that the company uses for apps and their sandboxes on OS X.A series of weak app-to-app authentication vulnerabilities is to blame. If strung together, the issues
Publish At:2015-06-18 02:45 | Read:4929 | Comments:0 | Tags:Apple Privacy Vulnerabilities apple Apple cracks Apple vulne

Serious OS X and iOS flaws let hackers steal keychain, 1Password contents

Researchers have uncovered huge holes in the application sandboxes protecting Apple's OS X and iOS operating systems, a discovery that allows them to create apps that pilfer iCloud, Gmail, and banking passwords and can also siphon data from 1Password, Evernote, and other apps.The malicious proof-of-concept apps were approved by the Apple Store, which req
Publish At:2015-06-17 23:30 | Read:4198 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab Uncategorized a


Share high-quality web security related articles with you:)