New Zoom Bug Can Be Used to Steal Passwords, Access Your Webcam, Microphone

· Andrew Orr · Link

Zoom logo

Security researcher Patrick Wardle disclosed two Zoom bugs today. They can be used to steal Windows passwords and access your webcam and microphone. They do however require physical access to the machine.

In this blog post, we’ll start by briefly looking at recent security and privacy flaws that affected Zoom. Following this, we’ll transition into discussing several new security issues that affect the latest version of Zoom’s macOS client.

At this point, Zoom should just rewrite its software completely.

Jamf Gets Native Mac Security With Digita Security

· Andrew Orr · Link

Jamf logo

Enterprise Mac company Jamf has acquired Digita Security, bringing native Mac security to its platform.

Digita, a two-year old startup, was founded by a team of security experts led by Patrick Wardle, whose background includes a decade as a Mac security researcher, seeking out vulnerabilities on the Mac, and time at the NSA where he honed his security research skills.

Patrick makes a lot of great Mac tools with Objective See that I recommend.

Bypassing macOS Security With Synthetic Clicks

· Andrew Orr · Link

Security researcher Patrick Wardle found he can bypass macOS security by using synthetic clicks built with AppleScript.

Typically apps are signed with a digital certificate to prove that the app is genuine and hasn’t been tampered with. If the app has been modified to include malware, the certificate usually flags an error and the operating system won’t run the app. But a bug in Apple’s code meant that that macOS was only checking if a certificate exists and wasn’t properly verifying the authenticity of the whitelisted app.

Mr. Wardle refers to this as a “second stage” attack, because the hacker or malware needs access to your Mac to exploit this bug.

Apple Security Tool Unveiled at RSA Conference 2019

· Andrew Orr · Link

The RSA Conference is a series of computer security conferences. This year, security researcher Patrick Wardle announced a new tool for Macs called GamePlan.

…GamePlan, a tool that watches for potentially suspicious events on Macs and flags them for humans to investigate. The general concept sounds similar to other defense platforms, and it hooks into detection mechanisms—has a USB stick been inserted into a machine? has someone generated a screen capture? is a program accessing a webcam?—Apple already offers in macOS. But GamePlan, cleverly written with Apple’s GameplayKit framework, collects all of this data in a centralized stream and uses the videogame logic engine to process it.

I use a couple of Mr. Wardle’s security tools. I look forward to downloading GamePlan.