A collection point
...and some of my own.
ICS- CERT Advisory (ICSA-18-296-03) affecting Telecrane F25 Series.
Low skill level to exploit Vendor: Telecrane Equipment: F25 Series Vulnerability: Authentication Bypass by Capture-Replay. RISK EVALUATION: Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands, control the device, or stop the device from running. Telecrane recommends upgrading to the latest firmware. Firmware version 00.0A Robert Abel: Apple’s latest lineup of Macbook includes a security feature to prevent threat actors from carrying out attacks on the device’s microphone that would allow them to eavesdrop on unsuspecting victims.
Apple’s new T2 security chip will be included in the new laptops announced Tuesday Oct. 30 and will protect the device’s encryption keys, storage, fingerprint data and secure boot features and physically cutts the device’s microphone from the rest of the hardware whenever the lid is closed. “This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 chip, from engaging the microphone when the lid is closed,” said the support guide. The features don’t disconnect the camera however, because Apple said its “field of view is completely obstructed with the lid closed.” For personal security, it sounds like Apple is moving in the right direction! |
Linking the world
Sharing is caring Archives
May 2024
Categories |