EUVD-2015-5860

Malware in sbrugna...

Millions of Thunderbolt-Equipped Devices Open to 'ThunderSpy' Attack

A new attack enables bad actors to steal data from Windows or Linux devices equipped with Thunderbolt ports – if they can get their hands on the device for just five minutes. The attack, called “Thunderspy,” specifically targets Thunderbolt technology, which is a hardware interface developed by...

Millions of Up-to-Date Apple Macs Remain Vulnerable to EFI Firmware Hacks

"Always keep your operating system and software up-to-date." This is one of the most popular and critical advice that every security expert strongly suggests you to follow to prevent yourself from major cyber attacks. However, even if you attempt to install every damn software update that lands t...

Code injection

The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete...

CVE-2015-5914

CVE-2015-5914 affects the EFI component in Apple OS X prior to 10.11. The issue enables physically proximate attackers to modify firmware during EFI updates by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM (Thunderstrike). Root cause is an incomplete fix for C...

CVE-2015-5914

The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. NOTE: this issue exists because of an incomplete...

Thunderstrike 2: World's First Firmware Worm That Infects Mac Computers Without Detection

If you think Apple’s Mac computers are much more secure than Windows-powered systems, you need to think again. This isn’t true, and security researchers have finally proved it. Two security researchers have developed a proof-of-concept computer worm for the first time that can spread automaticall...

Thunderstrike 2 Mac OS X Firmware Worm

A new attack against Intel firmware running in Apple computers is expected to be unveiled at this week’s Black Hat conference. The research is an extension of the Thunderstrike Mac OS X firmware bootkit disclosed this spring that enables the undetectable installation of malicious firmware that...

Apple Mac OSX Zero-Day Bug Allows Hackers to Install RootKit Malware

A zero-day software vulnerability discovered deep in the firmware of many Apple computers could allows an attacker to modify the system’s BIOS and install a rootkit, potentially gaining complete control of the victim’s Mac. The critical vulnerability, discovered by well-known OS X security...

Firmware Bug in OSX Could Allow Installation of Low-Level Rootkits

There is a vulnerability buried deep in the firmware of many Apple laptops that could allow an attacker to overwrite the machine’s BIOS and install a rootkit, gaining complete control of the Mac. The vulnerability lies in the UEFI system on some older MacBooks, and researcher Pedro Vilaca...

CVE-2014-4498

The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue...

Code injection

The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue...

CVE-2014-4498

CVE-2014-4498 affects Apple OS X pre-10.10.2. The EFI/firmware can be modified by a physically proximate attacker via a Thunderbolt device carrying crafted code in an Option ROM during the EFI update process (Thunderstrike). The vulnerability targets the EFI update flow; impact is attacker-contro...

CVE-2014-4498

The CPU Software in Apple OS X before 10.10.2 allows physically proximate attackers to modify firmware during the EFI update process by inserting a Thunderbolt device with crafted code in an Option ROM, aka the "Thunderstrike" issue...

Apple Patches Thunderstrike Bug in OSX, Fixes More Than 30 Flaws in iOS

Apple has released major security updates for both OS X and iOS that includes patches for a number of bugs that could lead to arbitrary code execution. The release of iOS 8.1.3 fixes a vulnerability that allowed an attacker to bypass the sandbox restrictions in Safari and the OS X update fixes a...

Apple Releases iOS 8.1.3

Apple has rolled out iOS 8.1.3 for iPhone, iPod touch and iPad devices, after weeks of extensive testing. The iOS 8.1.3 update contains bug fixes, stability enhancements and performance improvements. Among the new features, it reduces the amount of storage space required to perform a software...

Apple OS X Yosemite 10.10.2 Update to Patch years-old Thunderstrike vulnerability

Apple is preparing to release the second update to OS X Yosemite in the coming days to its customers. The upcoming beta update OS X Yosemite 10.10.2 contains a patch for the Thunderstrike vulnerability that allows malware to be injected into Macs via the Thunderbolt port. Earlier this month,...

Thunderstrike Patch Slated for Inclusion in New OS X Build

In addition to patching the three Project Zero vulnerabilities disclosed last week, Apple is apparently readying a fix for the Thunderstrike boot attack as well, something that will purportedly rid all Macs running Yosemite of the issue. All of the vulnerabilities have reportedly been fixed in...

Thunderstrike Apple Mac OS X Firmware Bootkit Unveiled

A vulnerability at the heart of Apple’s Mac OS X systems—one thus far only partially addressed by Apple—opens the door to the installation of malicious firmware bootkits that resist cleanup and give hackers persistent, stealthy control over a compromised Mac. The research is the work of a reverse...

Thunderstrike — Infecting Apple MacBooks with EFI Bootkit via Thunderbolt Ports

A security researcher has discovered an easy way to infect Apple’s Macintosh computers with an unusual kind of malware using its own Thunderbolt port. The hack was presented by programming expert Trammell Hudson at the annual Chaos Computer Congress 30C3 in Hamburg Germany. He demonstrated that i...