f5-nz logo
Story image

MacOS High Sierra zero-day shows Keychain passwords in plain text

27 Sep 2017
Sara Barker
Share:

MacOS users who are starting the upgrade to High Sierra – and  those who are using El Capitan – are vulnerable to a proof-of-concept attack that shows their online passwords in plain text, according to Synack security researcher Patrick Wardle.

He discovered that Mac Keychain, a native password management tool, can store online account usernames and passwords in plain text, allowing malicious applications direct access to the account details. However, the Keychain is generally protected by a master password.

Wardle revealed the details in a video that showed a demonstration of the attack.

Related stories:
New wormable Android malware discovered through auto-replies in WhatsApp
LG quits the smartphone business
2021's Most Wanted: Emotet continues reign as top malware threat 
Hands-on review: The 2020 iPad Air
Worldwide smartphone market grew 4.3% in Q4 2020, improving over Q3 decline
Apple reclaims spot as world’s most valuable brand
Dig deeper:
Synack Malware Apple macOS
Story image
Online gaming spikes as consumers seek social connection and entertainment
The desire to stay connected and entertained while stuck at home during the pandemic has driven online gaming popularity.More
Story image
Epson group sites to use 100% renewable electricity by 2023
"Going forward, we will steadily advance measures to use 100% renewable electricity."More
Story image
OPPO's Find X3 smartphone series shoots for one billion colours
OPPO has launched itself back into the smartphone market with the release of its new ‘premium and futuristic’ Find X3 Series.More
Story image
Double-digit growth ahead for smart home devices as consumers embrace home automation
"Sales of smart home devices have remained fairly resilient during the global Covid-19 pandemic."More
Story image
Java, machine learning, AI amongst most important programming skills - report
Software architecture, Java and machine learning are amongst the top programming skills ranked by software engineers as important to their role in 2021.More
Story image
Remote working is here to stay, but do business leaders trust employees?
Remote work is at a crossroads. While necessitated by the pandemic, workers have reaped the benefits of greater flexibility that they are now not willing to go without.More
Story image
Online gaming spikes as consumers seek social connection and entertainment
The desire to stay connected and entertained while stuck at home during the pandemic has driven online gaming popularity.More
Story image
Epson group sites to use 100% renewable electricity by 2023
"Going forward, we will steadily advance measures to use 100% renewable electricity."More
Story image
OPPO's Find X3 smartphone series shoots for one billion colours
OPPO has launched itself back into the smartphone market with the release of its new ‘premium and futuristic’ Find X3 Series.More
Story image
Double-digit growth ahead for smart home devices as consumers embrace home automation
"Sales of smart home devices have remained fairly resilient during the global Covid-19 pandemic."More
Story image
Java, machine learning, AI amongst most important programming skills - report
Software architecture, Java and machine learning are amongst the top programming skills ranked by software engineers as important to their role in 2021.More
Story image
Remote working is here to stay, but do business leaders trust employees?
Remote work is at a crossroads. While necessitated by the pandemic, workers have reaped the benefits of greater flexibility that they are now not willing to go without.More
Story image
Fujitsu, Trend Micro team up to secure private 5G
"We believe that this security solution represents a key technology for applying private 5G to mission-critical areas."More
Story image
Three quarters of employees feel worse a year into remote working - study
Remote workers are still struggling with distracting working environments, stress and an always-on culture after a year of working from home, according to new research by Egress.More
Story image
Hybrid working should not be business as usual - Microsoft study
A new report from Microsoft uncovers seven hybrid work trends every business leader must know as we enter a new era of work.More
Story image
Game review: Doom 3: VR Edition (PSVR)
If you are a fan of horror and VR shooters, this is one PSVR game you shouldn’t miss.More
Story image
Hands-on review: Swann Tracker Security Camera
The Wi-Fi Tracker Security Camera brings some of Swann's veteran security know-how to a standalone product for keeping an eye on your things.More
Story image
Hands-on review: OPPO Find X3 Pro
The Find X3 Pro has a juicy set of specs. After a week of playing with some of the features, they have hooked me.. again!More
Story image
Hands-on review: Connect Smart transforms dumb houses into smart homes
Connect Smart recently announced its range of smart home products, primarily for the Australian market.More
Story image
Intel unleashes its 11th generation of desktop CPUs
Reaching speeds of up to 5.3 gigahertz with Intel Thermal Velocity Boost, the Intel Core i9-11900K is aimed squarely at gamers and PC enthusiasts.More
Story image
World Backup Day - WD My Passport and Sandisk iXpand Luxe
If you’ve never backed up your data, you are not alone - 30% of people have never backed up their stuff. More
Story image
Two thirds of APAC website traffic now mobile - study
Despite the increase, half of mobile users bounce after viewing just one page.More
Story image
Poly A/NZ on working from anywhere: Tips and tricks from industry experts
"The clarity in audio and beautiful video allows people to work better together."More
Story image
EPOS crafts quality audio solutions for all working environments
With many key business stakeholders unable to attend in-person meetings as easily as they once did, webinars meetings, and online presentations became a mainstay of virtual business.More
Story image
Game review: Fallen Legion Revenants (PS4)
Fallen Legion Revenants is a new JRPG that utilises the old-school turn-based system that will please older RPG fans. More
Story image
Game review: Fitness Boxing 2: Rhythm & Exercise
It is not about how accurately you perform a punch; you have to think about how the accelerometer reads it.More
Story image
Game review – Ys IX: Monstrum Nox
If you are into action games, I’m sure you’ll fall in love with this new game. More
Story image
5G comes to the Mount as Vodafone starts rolling out next gen mobile tech in the Bay of Plenty
Locals and businesses in parts of Tauranga can now connect to Vodafone 5G and the coverage footprint will soon expandMore
Story image
2K A/NZ unveils life-size NBA 2K21 LEGO statue
2K Australia and New Zealand has teamed up with The Brickman to create a one-of-a-kind statue of NBA superstar, Zion Williamson. More
Story image
Advanced threat actors engaged in cyberespionage up their game
"This recent activity signals a major leap in their abilities."More
Story image
EPOS launches collaborative speakerphone with automatic transcribing
Expand Capture 5 levels the playing field and empowers professionals whether they’re working remotely or from the office.More
Story image
New Dyson air purifier attacks indoor pollutants
Dyson has taken its problem-solving approach and applied it to the problem of formaldehyde.More
Story image
2talk launches mobile plans, offers complete communications solution
The additions provides organisations across New Zealand easy access to complete single-source communications.More
The Warehouse Group expands EV fleet with introduction of EV trucks for home deliveries
The trucks add to the Group’s expanding fleet of light electric vehicles and will operate in Auckland, Hamilton, Tauranga and Christchurch.More
Hands-on review: Skullcandy Indy ANC wireless earbuds
The Skullcandy Indy ANC wireless earbuds are comfortable to wear, offer good audio and a reasonable level of active noise cancelling. More
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Game review: Super Mario 3D World + Bowser's Fury
Unlike older 2D Mario platformers, Super Mario 3D World tries to introduce a new mechanic or a new scenario or power-up in each level so that each level is exciting.More
Hands-on review: D-Link Full HD Wi-Fi Camera
D-Link’s cameras continue to get smaller, smarter, and easier to use.More
LG quits the smartphone business
It becomes the first major smartphone brand to exit the market.More
Exploits on organisations doubling every two to three hours after news of Microsoft Exchange’s four zero-day vulnerabilities
The race has started between hackers and security professionals following the disclosure of vulnerabilities on Microsoft Exchange Servers, according to Check Point Research.More
"Zoom anxiety" major problem one year into pandemic
"it’s clear that for many video calls bring with them their own set of challenges."More
Hackers offering forged “official” COVID vaccination certificates and negative test results on dark net 
There has been a 350% increase in the number of advertisements selling alleged COVID vaccines within the last three months.More
Hands-on review: The JBL Club Pro+ TWS wireless earbuds
These earbuds hit the right notes in terms of design and reasonable ANC. More
Samsung releases new Galaxy A Series lineup
The Korean electronics giant introduced its Samsung Galaxy A32, A52, A72 and A52 5G smartphones last week, with the latter bringing the realm of 5G-capable smartphones into an affordable price range.More
Commission completes review of consumer mobile phone bills 
In September 2020, the Commission published an open letter to Spark, Vodafone and 2degrees asking them to share their plans for providing their customers with more meaningful product and service comparisons and to guard against overspending. More
Hands-on review: Audiofly AFT2 wireless earbuds
The AFT2 case is going to be very uncomfortable in your pocket unless you’ve fully transitioned to sweat pants by now.More
Hands-on review: Huawei Sound
When I think about buying a speaker for my space, Huawei does not usually come to mind. More
Over half of ransomware victims pay up - but does it work?
"Handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice."More
New wormable Android malware discovered through auto-replies in WhatsApp
Check Point Research has discovered new malware on Google’s Play Store that could spread through WhatsApp messages. More
Hands-on review: AndaSeat Fnatic Edition gaming chair
The AndaSeat Fnatic Edition has quickly become my favourite place to sit.More
Employer micromanagement during pandemic harming relationships - study
The pandemic had adverse effects on managerial relationships, micromanaging, and communication, according to new research from Blind. More
More stories