Connect with us
vulnerabilidad mac vulnerabilidad mac

News

Serious flaw in macOS could allow the theft of all your private data

Published

on

Following Microsoft’s discovery of the Shrootless vulnerability in October last year, the company claims to have discovered a new vulnerability in macOS that it claims could be exploited to gain unauthorized access to users’ private data.

Although by some user there is the belief that viruses or vulnerabilities cannot enter the Apple operating system, the news tells us otherwise. Malware is usually a constant concern, as they are capable of steal our most confidential data, accounts and hijack all kinds of information.

TCC technology

Tracked as CVE-2021-30970 the new vulnerability known as “Powerdir”, found by the Microsoft 365 Defender research team could allow an attacker to circumvent Transparency, Consent and Control (TCC) technology in Apple’s desktop operating system, the company writes in its official blog.

After first introduced in 2012 in macOS Mountain Lion, TCC (Transparency, Consent and Control) was created in order to help Mac users configure privacy settings for their applications. These settings include which applications have access to the camera, the microphone or the location of a device, in addition to the calendar or the iCloud account of each user. To protect TCC, Apple introduced a feature to prevent unauthorized code execution enforcing a policy that restricted access to TCC only to applications with full disk access.

“There are two types of TCC databases. The user-specific database stores permission types that only apply to a specific user profile, while the system-wide database contains stored permission types that are applied at the system level and can be accessed. . by users with root or full access to the disk ”.

Powerdir vulnerability

The Microsoft 365 Defender research team has found that it is possible to programmatically change the home directory of a target user alreadyassociate a fake TCC database capable of storing the consent history of application requests.

If the Powedir vulnerability is exploited on unpatched systems it could allow entry of a malicious actor based on a user’s protected personal data. For example, it would be possible that the attacker managed to access an application installed on our device, and even install his own malicious application by accessing the microphone of a MacBook. This could achieve record private conversations or take screenshots of confidential information.

It is not the first time that a vulnerability of this type has been detected and later repaired, but it was when examining some last corrections that Microsoft found Powedir. The team had to update your exploit Proof of Concept (POC) because the initial version no longer worked on the latest version of macOS Monterey.

Following the discovery, Microsoft shared this finding with Apple through Coordinated Vulnerability Disclosure (CVD), to which Apple responded by releasing a fix as part of a series of security updates the company released in December last year. If you are a macOS user, the most convenient is download and apply latest security updates possible.

Click to comment

Leave a Reply

Your email address will not be published.

Phones

Samsung is preparing a smartphone that will be weaker than its predecessor two years ago. Galaxy M54 will receive SoC Exynos 1380

Published

on

Samsung is preparing a smartphone that will be weaker than

Smartphone Samsung Galaxy M54 lit up in the Geekbench database. Unfortunately, as previously reported, he will not receive any SoC Snapdragon 888, although this is expected.

Samsung is preparing a smartphone that will be weaker than its predecessor two years ago.  Galaxy M54 will receive SoC Exynos 1380

Samsung’s mid-budget novelty will receive the same platform as the Galaxy A54. Probably, the Galaxy A34 will also receive it.

We are talking about the not yet presented Exynos 1380, which will replace the Exynos 1280. In the benchmark, the new SoC scores 750 and almost 2700 points in single-threaded and multi-threaded modes, respectively. And this is almost the level of Snapdragon 778G, that is, this is an excellent result for a mid-budget smartphone. True, we are only talking about processor performance, and we do not yet know which GPU the new SoC will receive.

Samsung is preparing a smartphone that will be weaker than its predecessor two years ago.  Galaxy M54 will receive SoC Exynos 1380

It is also worth noting that the Galaxy M52 was also based on the Snapdragon 778G, and the Galaxy M53 received a slightly less productive Dimensity 900. Thus, the Galaxy M54 model, at least in terms of the processor part, will be slightly inferior even not to its predecessor, but to the device two years ago.

Continue Reading

Phones

Bullitt Group and MediaTek want to launch a satellite-enabled smartphone

Published

on

Bullitt Group and MediaTek want to launch a satellite enabled smartphone

The British manufacturer Bullitt Group, which produces devices under the brands CAT and Motorola, intends to release a smartphone with satellite communications. They want to implement this project together with the Chinese chipmaker MediaTek.

Bullitt Group and MediaTek want to launch a satellite-enabled smartphone

It is assumed that the new smartphone will provide calls and text data via satellite, although it is not yet clear how this will work. The device itself will be released in the first quarter of 2023.

The novelty has been developed for two years, so the project is nearing completion. According to Bullitt Group co-founder Richard Wharton, previously the seamless integration of satellite communications into a smartphone was accompanied by problems, but now they are solved.

The new phone will be the first to use MediaTek’s 3GPP NTN chipset. The software will keep track of what type of connection is currently being used – Wi-Fi or cellular network. The connection to the satellite will be carried out only in the absence of both of these options.

It is claimed that the time to connect to the satellite and send a message is about 10 seconds. This is longer than a regular connection, but still pretty fast.

Note that Apple already has this and Samsung will soon have it.

Continue Reading

Components

The GeForce RTX 4080 can also be overclocked to incredible frequencies. Galax RTX 4080 SG took the frequency over 3.6 GHz on the core

Published

on

The GeForce RTX 4080 can also be overclocked to incredible

Galax continues to prove that they are one of the best when it comes to overclocking graphics cards. After the departure of EVGA, Galax as a whole is probably the only company that places a strong emphasis on this direction.

The GeForce RTX 4080 can also be overclocked to incredible frequencies.  Galax RTX 4080 SG took the frequency over 3.6 GHz on the core

The GeForce RTX 4080 SG model was able to overclock to a frequency of over 3.6 GHz on the core. More precisely, we are talking about a frequency of 3615 MHz. This is slightly less than the RTX 4090 HOF at 3.8 GHz, but it’s still an incredible figure. Especially if you keep in mind that the GeForce RTX 4080 SG is no match for the HOF versions. At the same time, it is not yet known whether Galax will release the RTX 4080 HOF.

The GeForce RTX 4080 can also be overclocked to incredible frequencies.  Galax RTX 4080 SG took the frequency over 3.6 GHz on the core

Galax, unfortunately, does not disclose overclocking details, but it can be assumed that we are talking about the use of liquid nitrogen, as in the case of extreme overclocking RTX 4090 HOF.

Continue Reading

Most Popular