Beyond the permissions wall. [Research Saturday]
CyberWire Daily28 Syys 2024

Beyond the permissions wall. [Research Saturday]

We are joined by Yves Younan, Senior Manager, Talos Vulnerability Discovery and Research from Cisco, discussing their work on "How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions." Cisco Talos has uncovered eight vulnerabilities in Microsoft applications for macOS that could allow attackers to exploit the system's permission model by injecting malicious libraries. By leveraging permissions already granted to these apps, attackers could gain access to sensitive resources like the microphone, camera, and screen recording without user consent. While Microsoft considers these issues low risk and has declined to fix them, the vulnerabilities pose a potential threat to user privacy and security. The research can be found here: How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions Learn more about your ad choices. Visit megaphone.fm/adchoices

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(3677)

AI behind the velvet rope.

AI behind the velvet rope.

The White House keeps frontier AI models on a short leash. Russian threat actors increasingly target secure messaging platforms. DirtyClone is a high-severity Linux kernel privilege escalation flaw. A...

29 Kesä 28min

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. [Special Edition]

In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping ...

28 Kesä 33min

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Space supply chain pressures. [T-Minus: Space-Cyber Briefing]

Despite the space sector seeing greater investment and attention year-over-year, the sector still remains bound by an outdated and ineffective supply chain, especially in the United States. In this w...

28 Kesä 27min

More bark than byte. [Research Saturday]

More bark than byte. [Research Saturday]

This week we are joined by Daniel Schwalbe, Chief Information Security Officer & Head of Investigations at DomainTools, discussing their work on "ZionSiphon OT Malware First Attempts? Psyops? Both?" R...

27 Kesä 24min

Factory reset required.

Factory reset required.

Tata Electronics and Bajaj Auto continue recovery from cyberattacks. FCC tightens undersea cable rules to bolster national security. CISA warns of actively exploited PTC vulnerability. Gamaredon expan...

26 Kesä 25min

Gone with the command.

Gone with the command.

International operation disrupts Amadey and StealC malware infrastructure. Australian spy chief warns nation-state hackers are prepositioning for future sabotage. Stealthy new backdoor may be tied to ...

25 Kesä 25min

Klue me in on the breach.

Klue me in on the breach.

LastPass says Klue breach affected customer information, but passwords remain secure. Attackers begin exploiting Cisco Unified CM vulnerability. CISA flags actively exploited Ubiquiti and Lantronix fl...

24 Kesä 28min

All eyes on AI.

All eyes on AI.

Five Eyes warns AI could supercharge cyberattacks within months. Tata Electronics confirms breach as stolen data allegedly includes Apple and Tesla documents. Researchers publish new analysis of Forti...

23 Kesä 24min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
ootsa-kuullut-tasta-2
politiikan-puskaradio
rss-ootsa-kuullut-tasta
tervo-halme
rss-podme-livebox
the-ulkopolitist
otetaan-yhdet
rss-asiastudio
rss-vaalirankkurit-podcast
aihe
rikosmyytit
rss-kaikki-uusiksi
rss-raha-talous-ja-politiikka
et-sa-noin-voi-sanoo-esittaa
rss-kuka-mina-olen
rss-girls-finish-f1rst
rss-ulkopoditiikkaa
rss-pinnalla