Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
16.1K views | +0 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Education Technology
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

Sur Mac, deux failles dans Firefox exploitées contre des plateformes de cryptomonnaies

Sur Mac, deux failles dans Firefox exploitées contre des plateformes de cryptomonnaies | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
From www.macg.co - June 22, 2019 6:54 AM

Des hackers ont exploité deux failles dans Firefox pour installer un porte dérobée sur des Mac. Mozilla a comblé les vulnérabilités avec la version 67.0.4 de Firefox sortie hier. La mise à jour est donc chaudement recommandée à tous les utilisateurs (elle s’applique normalement automatiquement lors d’un redémarrage).

Les hackers ont visé des employés de Coinbase, une plateforme populaire d’achat et de vente de cryptomonnaies. D’après le responsable de la sécurité de Coinbase, l’attaque a été bloquée et aucun utilisateur de la plateforme n’aurait été visé directement. Il ajoute que d’autres plateformes cryptomonnaies ont été la cible d’une attaque identique.

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Browsers

 

Gust MEES's insight:

Des hackers ont exploité deux failles dans Firefox pour installer un porte dérobée sur des Mac. Mozilla a comblé les vulnérabilités avec la version 67.0.4 de Firefox sortie hier. La mise à jour est donc chaudement recommandée à tous les utilisateurs (elle s’applique normalement automatiquement lors d’un redémarrage).

Les hackers ont visé des employés de Coinbase, une plateforme populaire d’achat et de vente de cryptomonnaies. D’après le responsable de la sécurité de Coinbase, l’attaque a été bloquée et aucun utilisateur de la plateforme n’aurait été visé directement. Il ajoute que d’autres plateformes cryptomonnaies ont été la cible d’une attaque identique.

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Browsers

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Firefox Zero-Day Used to Install Mac Malware | #CyberSecurity #Apple #NobodyIsPerfect #Browsers

Firefox Zero-Day Used to Install Mac Malware | #CyberSecurity #Apple #NobodyIsPerfect #Browsers | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
From www.extremetech.com - June 21, 2019 6:21 PM

Before either of those patches rolled out, Mozilla became aware of an attack leveraging both vulnerabilities. At the time, we only knew the attacks had something to do with Coinbase as the initial bug report came from a researcher who works on both Google’s Project Zero and the Coinbase security team. Now, Coinbase’s head of security Philip Martin says the attack was aimed at Coinbase employees and not users. Martin also notes that other exchanges were targeted in the attacks, although none have stepped forward.

Meanwhile, Apple security expert Patrick Wardle published an analysis of malware that appears to have installed itself on a fully updated Mac. The hash provided by Wardle matches one from Martin, and the victim of the attack was involved with a cryptocurrency exchange until very recently. Unfortunately, the malware is novel and avoided Apple’s protection mechanisms, but Wardle believes that Apple will have a patch to change the way macOS scans files downloaded by applications rather than the user.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Browsers

 

Gust MEES's insight:

Before either of those patches rolled out, Mozilla became aware of an attack leveraging both vulnerabilities. At the time, we only knew the attacks had something to do with Coinbase as the initial bug report came from a researcher who works on both Google’s Project Zero and the Coinbase security team. Now, Coinbase’s head of security Philip Martin says the attack was aimed at Coinbase employees and not users. Martin also notes that other exchanges were targeted in the attacks, although none have stepped forward.

Meanwhile, Apple security expert Patrick Wardle published an analysis of malware that appears to have installed itself on a fully updated Mac. The hash provided by Wardle matches one from Martin, and the victim of the attack was involved with a cryptocurrency exchange until very recently. Unfortunately, the malware is novel and avoided Apple’s protection mechanisms, but Wardle believes that Apple will have a patch to change the way macOS scans files downloaded by applications rather than the user.

 

Learn more / En savoir plus / Mehr erfahren:

 

https://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

 

https://www.scoop.it/topic/apple-mac-ios4-ipad-iphone-and-in-security/?&tag=Browsers

 

more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn