Zero-Day Exploits for Stealing OS X and iOS Passwords
Jun 19, 2015
I think you'll agree with me when I say: Apple devices are often considered to be more safe and secure than other devices that run on platforms like Windows and Android, but a recent study will make you think twice before making this statement. A group of security researchers have uncovered potentially deadly zero-day vulnerabilities in both iOS and OS X operating systems that could put iPhone/iPad or Mac owners at a high risk of cyber attacks. Researchers have created and published a malicious app on the App Store that was able to siphon users' personal data from the password storing Keychain in Apple's OS X , as well as steal passwords from iCloud, banking and email accounts. Dubbed XARA (cross-app resource access), the malware exploit app was able to bypass the OS X sandboxing mechanisms that are supposedly designed to prevent an app from accessing the credentials, contacts, and other important data related to other apps. The Consequences are Dire!