SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Malware
#
Cybersecurity
#
Personal Computing Devices

MacOS High Sierra zero-day shows Keychain passwords in plain text

Wed, 27th Sep 2017
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor

MacOS users who are starting the upgrade to High Sierra – and  those who are using El Capitan – are vulnerable to a proof-of-concept attack that shows their online passwords in plain text, according to Synack security researcher Patrick Wardle.

He discovered that Mac Keychain, a native password management tool, can store online account usernames and passwords in plain text, allowing malicious applications direct access to the account details. However, the Keychain is generally protected by a master password.

Wardle revealed the details in a video that showed a demonstration of the attack.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
ThreatQuotient report highlights rise in cyber automation
Cybercriminals target Olympic Games & concerts in 2024
Akamai enhances cloud security & zero trust solutions
Versa launches pay-as-you-go cloud firewall on AWS
Exploring the role & impact of bots in eCommerce
Top stories
Ransomware-as-a-Service group BianLian opts for unique model
HiTRUST focuses on balancing security with user experience
Ransomware attacks rise with construction sector most hit
Cybersecurity report reveals 145,000 exposed ICS systems
CYFOX & Simplicity One partner for SMB cybersecurity