PINs for Cryptography with Hardware Secure Elements

I’m a big fan of technologies that enable otherwise impossible security properties and user experiences, like cryptography often can. One such technology is hardware secure elements. Here’s a thing you can’t do with cryptography: encrypt data securely with a low-entropy secret, like a PIN. If a...

Intuit Quicken Deluxe 2018 for Mac Password Protection Authentication Bypass Vulnerability

Summary An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an attacker to access and modify the data withou...

Is My Mac Secure from Malware and Viruses?

Do you own a Mac? If so, you might have the common perception that they’re more secure from internet threats than Windows PCs. Unfortunately, this isn’t the case. The truth is that Macs have historically not been targeted by hackers as frequently as Windows systems, simply because there were fewe...

FileVault Detection (Mac OS X)

Binary data macosxfilevaultenabled.nbin...

CVE-2017-13837

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key...

CVE-2017-13837

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key...

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key...

CVE-2017-13837

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Installer" component. It does not properly restrict an app's entitlements for accessing the FileVault unlock key...

CVE-2017-13837

CVE-2017-13837 affects macOS before 10.13, specifically the Installer component. The vulnerability arises from insufficient restriction of an app’s entitlements for accessing the FileVault unlock key, allowing a malicious app to access the key. Root cause: entitlements are not properly restricted...

CVE-2017-13786

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter...

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter...

CVE-2017-13786

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter...

CVE-2017-13786

An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly restrict the DMA mapping time of FileVault decryption buffers, which allows attackers to read cleartext APFS data via a crafted Thunderbolt adapter...

CVE-2017-13786

APFS DMA mapping timing vulnerability in macOS with versions before 10.13.1. The issue allows reading cleartext APFS data via a crafted Thunderbolt adapter due to insufficient restriction of DMA mapping time for FileVault decryption buffers. Apple’s security update 10.13.1 (and related Sierra/El ...

Apple macOS EFI Password Recovery Vulnerability

Apple macOS is a specialized operating system for Mac computers developed by Apple Inc. in the United States. efi is one of the firmware upgrade interface components. A password recovery vulnerability exists in the EFI component of Apple macOS versions prior to 10.12.4. The vulnerability can be...

CVE-2016-7585

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...

CVE-2016-7585

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...

Design/Logic Flaw

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...

CVE-2016-7585

CVE-2016-7585 affects macOS versions prior to 10.12.4, describing a DMA handling flaw in the EFI component that can allow a physically proximate attacker (via Thunderbolt) to recover the FileVault 2 encryption password. The connected sources confirm a pre-boot DMA risk targeting EFI and note miti...

CVE-2016-7585

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves mishandling of DMA in the "EFI" component. It allows physically proximate attackers to discover the FileVault 2 encryption password via a crafted Thunderbolt adapter...