exploit

By MacRumors Staff

exploit Articles

Apple Paid Hacker $75,000 for Uncovering Zero-Day Camera Exploits in Safari

Friday April 3, 2020 3:58 am PDT by Tim Hardwick
Apple paid out $75,000 to a hacker for identifying multiple zero-day vulnerabilities in its software, some of which could be used to hijack the camera on a MacBook or an iPhone, according to Forbes. A zero-day vulnerability refers to a security hole in software that is unknown to the software developer and the public, although it may already be known by attackers who are quietly exploiting...

Android Security Flaw Let Apps Access People's Cameras for Secret Video and Audio Recordings

Tuesday November 19, 2019 11:09 am PST by Juli Clover
A security flaw in Android smartphones from companies like Google and Samsung allowed malicious apps to record video, take photos, and capture audio, uploading the content to a remote server sans user permission. The vulnerability was discovered by security firm Checkmarx, and was highlighted today by Ars Technica. The flaw had the potential to leave high-value targets open to having their...

Researcher Gives Apple Details of macOS Keychain Security Flaw Despite No Mac Bug Bounty Program

Monday March 4, 2019 2:10 am PST by Tim Hardwick
A German teenager who discovered a macOS Keychain security flaw last month has now shared the details with Apple, after having initially refused to hand them over because of the company's lack of a bug bounty program for the Mac. Eighteen-year-old Linus Henze dubbed the zero-day macOS vulnerability he found "KeySteal," which, as demoed in the video above, can be used to disclose all...

Intel CEO Pledges Commitment to Security Following Meltdown and Spectre Vulnerabilities

Thursday January 11, 2018 2:46 pm PST by Juli Clover
Intel CEO Brian Krzanich today wrote an open letter to Intel customers following the "Meltdown" and "Spectre" hardware-based vulnerabilities that impact its processors. In the letter, Krzanich says that by January 15, updates will have been issued for at least 90 percent of Intel CPUs introduced in the past five years, with updates for the remainder coming at the end of January. For Apple...

Researchers Uncover macOS and Safari Exploits at Pwn2Own 2017

Thursday March 16, 2017 2:13 am PDT by Tim Hardwick
The seventeenth annual CanSecWest security conference is underway in downtown Vancouver, British Columbia, where researchers are competing in the 10th anniversary Pwn2Own computer hacking contest for over $1 million in prizes. Day one results have already been published over at the Zero Day Initiative website, with a couple of successful Mac-related exploits already appearing in the list of...

Security Flaw in iOS 9.3.1 Allows Access to iPhone Photos and Contacts

Tuesday April 5, 2016 2:07 am PDT by Tim Hardwick
A video surfaced online yesterday purporting to show a vulnerability in iOS 9.3.1 that allows anyone to access photos and contacts on a locked iPhone without having to enter a passcode. The YouTube video, uploaded by Jose Rodriguez and first spotted by The Daily Dot, depicts a user performing a Siri search followed by a series of relatively simple steps, one of which involves 3D Touch,...

Researchers Uncover Multiple OS X and Safari Exploits at Pwn2Own 2016

Thursday March 17, 2016 12:01 pm PDT by Joe Rossignol
The sixteenth annual CanSecWest security conference is underway in downtown Vancouver, British Columbia, and researchers participating in the Pwn2Own computer hacking contest have already discovered multiple vulnerabilities in OS X and the Safari web browser on the desktop. On day one of the event, independent security researcher JungHoon Lee earned $60,000 after exploiting both OS X and...

OS X 10.10.2 Includes Fix for 'Thunderstrike' Hardware Exploit Affecting Macs

Monday January 26, 2015 7:47 am PST by Joe Rossignol
Apple is readying a fix in OS X 10.10.2 for the so-called "Thunderstrike" hardware exploit targeting Macs equipped with Thunderbolt ports, iMore has learned. According to the report, Apple patched the vulnerability by making code changes in the upcoming software update that prevent a Mac's bootrom from being replaced or rolled back to a previous state in which it could be attacked.To secure...