http://www.theguardian.com/technology/2014/nov/06/apple-mac-iphone-security-malware
By Alex Hern
The Guardian
6 November 2014
Users of Apple’s Mac OS X are being warned to watch out for not one, but
two new weaknesses in the platform which can be used in attacks – one of
which is already in the wild.
The first, known as Rootpipe, affects multiple versions of Mac OS X,
including the newest release, Yosemite. It lets an attacker gain “root”
control of a computer, the highest level of access, without having to know
a password.
Rootpipe could theoretically allow a hacker to install any malicious
software that could be used to steal credit cards details or other
personal data, among other things.
The other, called Wirelurker, is the first malware seen in the wild which
targets iOS devices that haven’t been jailbroken. Wirelurker could be used
to extract basic personal information from a phone. It tricks the user
into installing it on their Mac, and then waits until an iPhone or iPad is
plugged in over USB before using the trusted relationship between the two
to install software on the mobile device.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
