Trammell Hudson (@qrs) developed the Thunderstrike exploit based on inherent security issues with the way Apple validates, updates, and boots from the boot ROM. The exploit takes advantage of the fact that Apple allows secure booting without hardware (software checks the ROM, but doesn’t perform a checksum!). Since the Thunderbolt port provides a way to …
Category: Apple Security
Oct 01 2014
ShellShock/BashBug – Bash Vulnerability Affects Linux, Unix, & Mac OSX
10/01/2014 Updates: Shellshock: Vulnerable Systems you may have missed and how to move forward VMware Begins to Patch Bash Issues Across Product Line Honeypot Snares Two Bots Exploiting Bash Vulnerability Updated (9/29/2014): PowerCLI script for checking VMWare systems.for BashBug vulnerability ShellShock webscanner Dark Reading: New BashBug vulnerabilities surface Dark Reading: Making Sense of ShellShock Chaos …
Aug 13 2014
Apple iOS Security Whitepaper
In February of this year, 2014, Apple released an updated whitepaper describing Apple iOS Security. Overall, the operating system and its components are very securely designed. The Table of Contents: Introduction System Security Secure Boot Chain System Software Authorization Secure Enclave Touch ID Encryption and Data Protection Hardware Security Features File Data Protection Passcodes Data …
Recent Comments