Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...

Les conférences Black Hat battent leur plein à Las Vegas, et les chercheurs en sécurité informatique qui se pressent durant ce raout n’ont pas manqué de pointer du doigt les vulnérabilités qui touchent les produits d’Apple : Thunderstrike 2 et dyld (qui serabouché avec OS X 10.10.5) ont occupé les gazettes cette semaine, tandis que d’autres failles sont annoncées.

Patrick Wardle, directeur de recherche pour Synack, a levé le voile sur plusieurs faiblesses d’OS X. Gatekeeper tout d’abord : ce système qui, une fois activé, n’installe que les logiciels dument signés peut être contourné. En utilisant des bibliothèques dynamiques qui injectent du code vérolé dans des applications pourtant identifiées comme sûres, il est possible d’infecter un Mac.

Plus généralement, il estime que développer un malware pour OS X est facile et qu’Apple devrait mettre en place une véritable stratégie pour la sécurité de ses produits, même s’il reconnait que des efforts sont faits en ce sens. La popularité toujours plus forte des Mac et des appareils iOS oblige le constructeur à en faire plus, les plateformes d’Apple étant apparues sur le radar des malandrins du code.

Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html

Mehr erfahren / En savoir plus / Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike

One door closes, another one opens

Apple introduced security patches in OS X 10.10.2, released at the end of January 2015, in an attempt to shut off the Thunderstrike hole.

Unfortunately, it seems that Apple didn't close all the doors.

Hudson, together with two other researchers named Xeno Kovah and Corey Kallenberg, have figured out Thunderstrike 2, which they'll be showing off at Black Hat USA 2015 and Def Con, two security events taking place back-to-back this week in Las Vegas.

They've actually gone one step further with Thunderstrike 2.

As well as using a booby-trapped Thunderbolt Option ROM to modify your Mac's firmware, they've figured out how to include a virus in the modified firmware code.

Their virus will, in turn, attempt to modify the firmware of Thunderbolt devices you insert from then on, thus turning them into carriers of the firmware booby trap, too.

With a touch of techie humour, they've dubbed their firmware-borne virus a "firmworm".

Thunderbolt devices, of course, include removable hard disks...

...in an echo of Stuxnet, the virus that used USB devices to travel between computers on physically separate networks.

Unfortunately, while USB disks carrying Stuxnet could be purged altogether by overwriting them from inside your operating system, infectious Thunderbolt devices can't be cleaned up, or even detected, in that way.

Mehr erfahren / En savoir plus / Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike

Deux découvertes montrent que la sécurité des Mac est toute relative. Des chercheurs ont à la fois trouvé un exploit utilisant une faille zero day récemment découverte et ont créé un prototype d’attaque ciblant le firmware des ordinateurs d’Apple.

Avec le lancement de Windows 10, on aurait presque oublié Mac OS X. Les hackers ne l’oublient pas et avec le développement des Mac (cf le mega contrat entre Apple et IBM qui pourrait s’équiper de 200 000 Macbook), ces derniers deviennent des cibles pour les cybercriminels.

En quelques jours, deux équipes de chercheurs ont démontré les faiblesses de sécurité de l’OS et des ordinateurs d’Apple. Premier en piste, des chercheurs de Malwarebytes ont découvert un installateur de logiciel malveillant qui s’appuie sur une faille zero day. Cette dernière a été trouvée la semaine dernière par Stefan Esser dans les dernières versions de Mac OS X.

Mehr erfahren / En savoir plus / Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike

When companies claim their products are unhackable or invulnerable, it must be like waving a red flag in front of bulls as it practically dares security researchers to prove otherwise. Apple previously claimed that Macs were not vulnerable to the same firmware flaws that could backdoor PCs, so researchers proved they could remotely infect Macs with a firmware worm that is so tough to detect and to get rid of that they suggested it presents a toss your Mac in the trash situation.

Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike

C'est la première fois qu'une telle menace est observée chez Apple. Elle ne peut pas être détectée par les anti-virus et est difficilement patchable.

Image credit (posted on Facebook) <===> http://www.pcworld.com/article/2955707/security/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html

Mehr erfahren / En savoir plus / Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike

#NAnother serious vulnerability has been found at the heart of Macs and MacBooks, and could be exploited by an undetectable firmware worm.

Shouldn't Apple be doing more to encourage vulnerability ...

The really bad news is that Apple isn't doing enough to work with these researchers, and could be doing much more to ensure that their discoveries are only made public when a fix is available.

Other technology companies are offering sizeable bug bounties to researchers who work with them to uncover security holes, whereas Apple — one of the richest companies in the world — doesn't even bother to dangle the carrot of a $10 iTunes voucher, preferring to name bug reporters on a "hall of fame" page instead.

Mehr erfahren / En savoir plus / Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike

Researchers created Thunderstrike 2 firmware malware that could remotely infect Apple computers and remain even if a user were to wipe the hard drive and reinstall OS X.

When companies claim their products are unhackable or invulnerable, it must be like waving a red flag in front of bulls as it practically dares security researchers to prove otherwise. Apple previously claimed that Macs were not vulnerable to the same firmware flaws that could backdoor PCs, so researchers proved they could remotely infect Macs with a firmware worm that is so tough to detect and to get rid of that they suggested it presents a toss your Mac in the trash situation.

Firmware runs when you first boot a machine; it launches the operating system. For Apple computers, the firmware is called the extensible firmware interface (EFI). Most people believe Apple products are superior when it comes to security, but the researchers want to “make it clear that any time you hear about EFI firmware attacks, it’s pretty much all x86 [computers].” Attackers need only a few seconds to remotely infect Mac firmware. Macs infected with Thunderstrike 2 would remain infected even if a user were to wipe the hard drive and reinstall the OS, as that doesn’t fix a firmware infection.

Learn more:

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security

http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=Thunderstrike