The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: Hack Apple Mac

AirDrop Bug in Apple iOS and OSX allows Hackers to Install Malware Silently

AirDrop Bug in Apple iOS and OSX allows Hackers to Install Malware Silently
September 16, 2015Swati Khandelwal
With the launch of iOS 9, Apple gave us an ultimate reason to upgrade our Apple devices to its new operating system. The latest iOS 9 includes a security update for a nasty bug that could be exploited to take full control of your iPhone or Macs, forcing most of the Apple users to download the latest update. Australian security researcher Mark Dowd has disclosed a serious vulnerability in AirDrop , Apple's over-the-air file sharing service built into iOS and Mac OS X. How the Attack Works? The vulnerability allows anyone within the range of an AirDrop user to silently install a malicious app on a target Apple device by sending an AirDrop file which involves rebooting of the target device. An attacker can exploit this critical bug even if the victim rejects the incoming file sent over AirDrop. After rebooting takes place, the malicious app gains access to Springboard, Apple's software to manage iOS home screen, allowing the app to fool the victim’s iP

Apple Mac OS X Hits by Two Unpatched Zero-day Flaws

Apple Mac OS X Hits by Two Unpatched Zero-day Flaws
August 19, 2015Swati Khandelwal
Few days after Apple patched the DYLD_PRINT_TO_FILE privilege-escalation vulnerability in OS X Yosemite, hackers have their hands on another zero-day bug in its operating system that allows hackers to gain root privileges to Mac computers. Italian teenager Luca Todesco ( @qwertyoruiop ) has discovered two unknown zero-day vulnerabilities in Apple's Mac OS X operating system that could potentially be exploited to gain remote access to a Mac computer. The 18-year-old self-described hacker has also posted details of his finding with source code for an exploit on the Github repository , as well as software to mitigate the vulnerability. OS X Zero-Day Exploit in the Wild The hacker's exploit makes use of two system flaws (which he dubbed ' tpwn ') in order to cause a memory corruption in OS X's kernel . Due to memory corruption, it's possible to circumvent the space layout randomization of the kernel address, therefore bypassing the toughe

Apple Mac OSX Zero-Day Bug Allows Hackers to Install RootKit Malware

Apple Mac OSX Zero-Day Bug Allows Hackers to Install RootKit Malware
June 02, 2015Swati Khandelwal
A zero-day software vulnerability discovered deep in the firmware of many Apple computers could allows an attacker to modify the system’s BIOS and install a rootkit , potentially gaining complete control of the victim’s Mac. The critical vulnerability, discovered by well-known OS X security researcher Pedro Vilaca, affects Mac computers shipped before mid-2014 that are allowed to go into sleep mode. While studying Mac security, Vilaca found that it’s possible to tamper with Apple computer’s UEFI (unified extensible firmware interface) code. UEFI is a low-level firmware designed to improve upon computer’s BIOS, which links a computer's hardware and operating system at startup and is typically not accessible to users. But… Vilaca found that the machine’s UEFI code can be unlocked after a computer is put to sleep and then brought back up. " And you ask, what the hell does this mean? " Vilaca wrote in a blog post published Friday. " It means th
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.