[ad_1]
usually the worst What happens when you open dozens of browser tabs is that you can’t find the one that suddenly starts playing random ads. But a set of macOS vulnerabilities that Apple fixed late last year could expose your Safari tabs and other browser settings for an attack that could allow hackers to take control of your online accounts, turn on your microphone or take a pass through your webcam.
MacOS has built-in protections against such attacks, including Gatekeeper, which confirms the validity of software running on your Mac.but this hacker Bypass these protections by abusing iCloud and Safari features that macOS already trusts. While looking for potential weaknesses in Safari, independent security researcher Ryan Pickren set out to investigate iCloud’s document-sharing mechanism because of the inherent trust between iCloud and macOS. When you share iCloud documents with other users, Apple uses a behind-the-scenes app called “ShareBear” to coordinate the transfer. Pickren discovered that he could manipulate ShareBear to deliver malicious files to victims.
In fact, the file itself doesn’t even have to be malicious in the first place, making it easier to provide victims with something compelling and entice them to click. Pickren found that because of the trust relationship between Safari, iCloud, and ShareBear, attackers could actually later re-access content they shared with their victims, and then silently swap files for malicious ones. All of this can happen without the victim receiving a new prompt from iCloud or realizing that anything has changed.
Once a hacker has launched an attack, they can basically take over Safari, see what the victim sees, gain access to the account the victim is logged into, and abuse the permissions the victim has granted the site to access their camera and microphone. The attacker can also access other files stored locally on the victim’s Mac.
“The attacker basically punched a hole in the browser,” said Ryan Pickren, a security researcher who disclosed the vulnerability to Apple. “So if you’re logged into Twitter.com on a tab, I can jump in and do everything you can on Twitter.com. But it’s not about Twitter’s servers or security, I’m just playing you as an attacker Roles already in the browser.”
in October, Apple Patch Vulnerability in Safari’s WebKit engine and modified in iCloud.And in December it patched A related vulnerability in its Script Editor code automation and editing tool.
“It’s an impressive exploit chain,” said Patrick Wardle, a longtime researcher and founder of the macOS security nonprofit Objective-See. “It’s clever by exploiting design flaws and creatively using built-in macOS features to circumvent defense mechanisms and break the system.”
Pickren previously discovered a series of Safari vulnerabilities Enable webcam takeover. He disclosed the new findings in mid-July through Apple’s bug bounty program, which awarded him $100,500. The amount is not unprecedented for Apple’s disclosure program, but reflects the seriousness of the breach.In 2020, for example, the company $100,000 paid A critical flaw in its Sign In With Apple single sign-on system.
However, Safari and Webkit have a specific security challenges, because they are such a massive platform.Apple is also going through a tough time get a handle Regarding the question, even when Vulnerabilities are public for weeks or months.
[ad_2]
Source link
