Lucene search
K

7 matches found

The Hacker News
The Hacker News
added 2022/07/19 11:50 a.m.62 views

Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users — The Hacker News

Cybersecurity researchers have taken the wraps off a previously undocumented spyware targeting the Apple macOS operating system. The malware, codenamed CloudMensis by Slovak cybersecurity firm ESET, is said to exclusively use public cloud storage services such as pCloud, Yandex Disk, and Dropbox...

5.5CVSS0.7AI score0.03208EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2020/10/16 4:51 p.m.10 views

CVE-2020-9934

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information...

4.5AI score0.03208EPSS
Exploits1References2
CVE
CVE
added 2020/10/16 4:51 p.m.787 views

CVE-2020-9934

CVE-2020-9934 describes a local macOS/TCC bypass via environment-variable poisoning. The root issue is how tccd expands HOME/USER home paths to locate the TCC.db, enabling an attacker with local access to plant a malicious TCC database and alter an app’s entitlements (e.g., microphone/camera) wit...

5.5CVSS5AI score0.03208EPSS
In wildExploits1References3Affected Software3
ATTACKERKB
ATTACKERKB
added 2020/10/16 12:0 a.m.71 views

CVE-2020-9934 - macOS Transparency, Consent, and Control (TCC) Framework bypass

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information. Recent assessments: busterb at August 03, 2020 10:42p...

5.5CVSS5.6AI score0.03208EPSS
In wildExploits1References3
Rapid7 Blog
Rapid7 Blog
added 2020/09/18 6:28 p.m.174 views

Metasploit Wrap-Up

Refreshingly configurable F5, on top of being a handy shortcut you can press over and over again until 3am just to watch the RTX 3080 preorders sell out instantly, is also a company that specializes in the delivery, security, performance, and availability of web applications, computing, storage,...

10CVSS9.1AI score0.99512EPSS
Exploits87
Metasploit
Metasploit
added 2020/09/12 5:41 p.m.296 views

Bypass the macOS TCC Framework

This module exploits a vulnerability in the TCC daemon on macOS Catalina use post/osx/escalate/tccbypass msf posttccbypass show actions ...actions... msf posttccbypass set ACTION msf posttccbypass show options ...show and set options... msf posttccbypass run This module requires Metasploit:...

5.5CVSS6.5AI score0.03208EPSS
Exploits1
Circl
Circl
added 2020/07/29 9:39 p.m.11 views

CVE-2020-9934

creationtimestamp| type| source ---|---|--- 2020-07-29 21:39:06+00:00| published-proof-of-concept| https://t.me/cKure/1562 2020-07-31 16:59:59+00:00| published-proof-of-concept| https://t.me/canyoupwnme/6558 2020-09-11 20:09:25+00:00| seen|...

5.5CVSS6.8AI score0.03208EPSS
Exploits1References11
Rows per page
Query Builder