Thunderstrike attack | Breaking Cybersecurity News | The Hacker News

If you think Apple's Mac computers are much more secure than Windows-powered systems, you need to think again. This isn't true, and security researchers have finally proved it. Two security researchers have developed a proof-of-concept computer worm for the first time that can spread automatically between MacBooks, without any need for them to be networked. Dubbed Thunderstrike 2 , the new proof-of-concept firmware attack is inspired by previously developed proof-of-concept firmware called Thunderstrike. Thunderstrike Attack , developed by security engineer Trammell Hudson, actually took advantage of a vulnerability in Thunderbolt Option ROM that could be used to infect Apple Extensible Firmware Interface (EFI) by allocating a malicious code into the boot ROM of an Apple computer through infected Thunderbolt devices. Thunderstrike 2 Spreads Remotely Although the original Thunderstrike required an attacker to have physical access to your Mac computer to wor...

A zero-day software vulnerability discovered deep in the firmware of many Apple computers could allows an attacker to modify the system's BIOS and install a rootkit , potentially gaining complete control of the victim's Mac. The critical vulnerability, discovered by well-known OS X security researcher Pedro Vilaca, affects Mac computers shipped before mid-2014 that are allowed to go into sleep mode. While studying Mac security, Vilaca found that it's possible to tamper with Apple computer's UEFI (unified extensible firmware interface) code. UEFI is a low-level firmware designed to improve upon computer's BIOS, which links a computer's hardware and operating system at startup and is typically not accessible to users. But… Vilaca found that the machine's UEFI code can be unlocked after a computer is put to sleep and then brought back up. " And you ask, what the hell does this mean? " Vilaca wrote in a blog post published Friday. " It means th...

AI agents have rapidly evolved from experimental technology to essential business tools. The OWASP framework explicitly recognizes that Non-Human Identities play a key role in agentic AI security. Their analysis highlights how these autonomous software entities can make decisions, chain complex actions together, and operate continuously without human intervention. They're no longer just tools, but an integral and significant part of your organization's workforce. Consider this reality: Today's AI agents can analyze customer data, generate reports, manage system resources, and even deploy code, all without a human clicking a single button. This shift represents both tremendous opportunity and unprecedented risk. AI Agents are only as secure as their NHIs Here's what security leaders are not necessarily considering: AI agents don't operate in isolation . To function, they need access to data, systems, and resources. This highly privileged, often overlooked acces...

Apple is preparing to release the second update to OS X Yosemite in the coming days to its customers. The upcoming beta update OS X Yosemite 10.10.2 contains a patch for the Thunderstrike vulnerability that allows malware to be injected into Macs via the Thunderbolt port. Earlier this month, Reverse engineer Trammell Hudson revealed technical details and proof-of-concept of Thunderstrike attack . Thunderstrike, an undetectable bootkit, works by injecting an Option ROM into a Mac's EFI. It is possible because hardware attached to a system through Thunderbolt port are not as secure as a Mac itself. Once installed using Thunderstrike attack, the malware would be almost impossible to detect and remove. Because the firmware used on Macs doesn't always apply to the security of attached hardware. So "Apple had to change the code to not only prevent the Mac's boot ROM from being replaced, but also to prevent it from being rolled back to a state where the at...

A security researcher has discovered an easy way to infect Apple's Macintosh computers with an unusual kind of malware using its own Thunderbolt port . The hack was presented by programming expert Trammell Hudson at the annual Chaos Computer Congress (30C3) in Hamburg Germany. He demonstrated that it is possible to rewrite the firmware of an Intel Thunderbolt Mac . The hack, dubbed Thunderstrike , actually takes advantage of a years-old vulnerability in the Thunderbolt Option ROM that was first disclosed in 2012 but is yet to be patched. Thunderstrike can infect the Apple Extensible Firmware Interface (EFI) by allocating a malicious code into the boot ROM of an Apple computer through infected Thunderbolt devices. The hack is really dangerous as, according to the researcher, there is no means for the user to detect the hack, or remove it even by re-installation of the complete OS X, only because the malicious code actually is in the system's own separate ROM. " ...