MacOS Safari Exploit Exposes Camera, Mic, Browser Data (www.darkreading.com)
from BrikoX@lemmy.zip to cybersecurity@sh.itjust.works on 19 Oct 02:39
https://lemmy.zip/post/24754385

Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.

#cybersecurity

threaded - newest

[deleted] on 19 Oct 03:39 next collapse

.

undefined@links.hackliberty.org on 19 Oct 05:33 next collapse

Is this a joke? Back in my office days I constantly had to switch to Chromium-based browsers to load websites with shit security (TLS 1.0 anyone?). Chrome’s even dumb enough to let you load an <iframe> without checking the content-type.

(Not hating on Firefox though.)

nokturne213@sopuli.xyz on 19 Oct 18:55 collapse

What makes safari spyware?

rowdyrockets@lemm.ee on 19 Oct 14:57 collapse

Was CVE-2024-44133 Already Exploited?

After concocting their exploit, Microsoft started scanning customer environments for activity that aligned with what they’d found. On one device, lo and behold, they spotted something quite closely resembling what they were looking for.

It was a program digging into the victim’s Chrome configuration settings, adding approval for microphone and camera access to a specific URL. It also did more: gathering user and device information, laying the groundwork for a second-stage payload.

I’m not sure if this article is disingenuous or if I’m just confused… but it states when MS scanned their customers’ environments, they discovered malware making changes to the Chrome config. And the Safari CVE was patched in September. So we don’t have proof of this happening in the wild then?

What’s more, the Safari exploit requires making changes to a protected directory. But no indication of how that is done by just the browser exploit. Did the attackers already have access to the machine? If so, this article is a nothing burger.