Rootpipe | Breaking Cybersecurity News | The Hacker News

Sad but True! Your Apple's Mac computer is vulnerable to a serious privilege escalation flaw, dubbed "RootPipe," even if you are running the latest version of Mac OS X. What's RootPipe? Back in October 2014, a Swedish White Hat hacker Emil Kvarnhammar claimed to have discovered a critical privilege escalation vulnerability, he dubbed the backdoor as " RootPipe ," in some versions of Mac OS X including the then newest version 10.10 Yosemite. The vulnerability ( CVE-2015-1130 ) could allow an attacker to take full control of your desktop Mac computer or MacBook laptop, even without any authentication. Keeping in mind the devastating effect of the RootPipe vulnerability, the researcher privately reported the flaw to Apple and did not disclose the details of the flaw publicly until the company released a patch to fix it. Apple did release an update but failed to patch RootPipe: Earlier this month, Apple released the latest version of Mac OS...

A Swedish Security researcher has discovered a critical vulnerability in Apple's OS X Yosemite that gives hackers the ability to escalate administrative privileges on a compromised machine, and allows them to gain the highest level of access on a machine, known as root access. The vulnerability, dubbed as " Rootpipe ", was uncovered by Swedish white-hat hacker Emil Kvarnhammar , who is holding on the full details about the privilege escalation bug until January 2015, as Apple needs some time to prepare a security patch. " Details on the #rootpipe exploit will be presented, but not now. Let's just give Apple some time to roll out a patch to affected users, " Emil Kvarnhammar, IT specialist and hacker security company Truesec, tweeted from his twitter account. By exploiting the vulnerability in the Mac OS X Yosemite , an attacker could bypass the usual safeguard mechanisms which are supposed to stop anyone who tries to root the operating system through a tempora...

In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay ahead of attackers with cost-effective, frequent, and thorough security assessments. Strengthen Your Defenses: The Role of Internal and External Pentests  Effective cybersecurity requires addressing threats from both inside and outside your organization. Automated solutions streamline this process, enabling IT teams to implement a holistic and proactive defense strategy. Internal Pentesting: Securing the Core Internal pentesting simulates an attacker operating within your network, exposing vulnerabilities such as insider threats, compromised credentials, or breaches through physical or ...