Monday, July 15, 2024
EHA

New Unpatched macOS Flaw Allow Hackers to Spy on Safari Browser History

Security Researcher discovered a vulnerability in macOS Mojave let malware apps bypass the privacy protection and read the safari browser web history.

macOS Mojave has strictly restrict some of the folder by default and it provide special access for very few apps.

But the newly uncovered flaw bypass the Mojave privacy protection and allow the malicious app to access the folder without any further permission from the users and system.

Jeff Johnson, A researcher who claimed that the flaw exists in every version of Mojave, including macOS Mojave 10.14.3 , a new released version on Feb 7.

In this case, the flow allows attacker to inject the crafted malicious apps to bypass the flaw and read the Safari browsers history.

Jeff said in his report, ” My bypass works with the “hardened runtime” enabled. Thus, an app with the ability to spy on Safari could be “notarized” by Apple (as long as it passed their automated malware checks, which I suspect would be no problem). My bypass does not work with sandboxed apps, as far as I can tell.

Jeff developed the browser extension called StopTheMadness that helps user to provide a smooth browsing experience in Safari, Firefox, and Google Chrome.

He claimed that, “StopTheMadness” extension never spy on you or your browsing history due to this privacy protection flaw and the bypass process uses a completely different method. Moreover, StopTheMadness is sandboxed.

He already reports to Apple regarding this flaw and got the automated acknowledgment but Apple doesn’t provide any bug bounty program for macOS flaws as we have seen earlier Zero-day flaw that was reported by Linus Henze.

There is no technical information available for this unpatched flaw since he reported to Apple in this regarding and waiting for the fixes and the bug to be resolved.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

macOS Zero-day Flaw Allow Hackers to Bypass Kernel Protection by Invisible Mouse Click Attack

Lazarus APT Group Attack Cryptocurrency Exchange using macOS Malware Under the Operation AppleJeus

LamePyre – macOS Malware That Takes Screenshots Repeatedly and Sends to Attacker

Multiple Malicious Fitness Tracker apps Abusing Apple’s Touch ID Feature To Steal Money From iOS Users

5 Things You Need To Do Before Selling iPhone

New Unpatched macOS Zero-day Flaw Allows Attackers to Read Passwords in Plain Text & System Data


Website

Latest articles

Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as...

Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS)...

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to...

ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution

ViperSoftX is an advanced malware that has become more complicated since its recognition in...

Malicious NuGet Campaign Tricking Developers To Inject Malicious Code

Hackers often target NuGet as it's a popular package manager for .NET, which developers...

Akira Ransomware Attacking Airline Industry With Legitimate Tools

Airlines often become the target of hackers as they contain sensitive personal and financial...

DarkGate Malware Exploiting Excel Files And SMB File Shares

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles