Posts Tagged “Exploit”

TCC and Gatekeeper Bypasses (1)October 21, 2024
Fake Safari Link Sharing Text (5)October 14, 2024
China Possibly Hacking US “Lawful Access” Backdoor (2)October 9, 2024
Gaining Access to Anyone’s Arc Browser (1)September 20, 2024
Longstanding CocoaPods Vulnerabities July 4, 2024
AirPods Fast Connect Vulnerability (5)July 4, 2024
Root Privilege Escalation via diskutil May 9, 2024
AV1 Integer Overflow April 4, 2024
GoFetch April 4, 2024
xz Backdoor (11)April 1, 2024
Operation Triangulation Details (3)December 28, 2023
Crashing iPhones With a Flipper Zero (1)December 28, 2023
Post-Exploit Fake Airplane Mode (1)August 18, 2023
Triangulation Exploit (1)June 27, 2023
Code Signing Translocation Vulnerability May 10, 2023
Zero-Click Exploits Against iOS 16 April 27, 2023
Bypassing iOS 16.2 Location Privacy (3)February 1, 2023
FORCEDENTRY Sandbox Escape via NSExpression November 20, 2022
PackageKit SIP Bypass July 28, 2022
CoreFollowUp Phishing March 29, 2022
Bypass TCC via Privileged Helpers (2)December 23, 2021
Infinite Recursion in Log4j 2.16 December 21, 2021
FORCEDENTRY iMessage Zero-click Remote Code Execution (1)December 17, 2021
Log4j Fix Also Has RCE December 16, 2021
Log4Shell: Log4j Remote Code Execution (2)December 10, 2021
AOL Exploits Bug in Own Software November 19, 2021
Denis Tokarev’s Four Zero-Days October 29, 2021
iOS Vulnerabilities Either Unfixed or Uncredited September 24, 2021
Scanning Your iPhone for Pegasus August 4, 2021
Through the Blast Door (1)July 23, 2021
iOS Zero-day to Steal Authentication Cookies July 16, 2021
Distributing Unnotarized Mac Apps in an RTFD File July 15, 2021
Leaking Files With TextEdit (1)July 15, 2021
More Trouble With the Apple Security Bounty (2)July 13, 2021
Overview of TCC Bypasses by Accident and Design (5)July 13, 2021
Bypassing TCC By Changing the Environment (2)July 13, 2021
Gatekeeper LaunchAgents Bypass July 13, 2021
TeamViewer Local Privilege Escalation Vulnerability July 13, 2021
Dynamic Libraries Bypass Gatekeeper (1)July 12, 2021
Another Western Digital 0-Day (1)July 9, 2021
Software Vulnerabilities in the Boeing 787 July 7, 2021
Remote Wiping of WD My Book Live Drives June 29, 2021
Password Reset iCloud Account Vulnerability June 23, 2021
TCC Bypass in XCSSET Malware June 4, 2021
Exploiting Vulnerabilities in Cellebrite (1)April 22, 2021
Vulnerabilities in Microsoft Exchange Server (2)March 9, 2021
iMessage’s BlastDoor Sandbox (10)February 1, 2021
Heap-based Buffer Overflow in Sudo (1)January 27, 2021
Sandbox Doesn’t Protect Files From stat() (7)December 7, 2020
An iOS Zero-click Radio Proximity Exploit Odyssey (1)December 7, 2020
We Hacked Apple for 3 Months (7)October 8, 2020
checkra1n T2 Exploit (10)October 7, 2020
Mac App Store Sandbox Escape by Bypassing Initialization September 9, 2020
Stealing Local Files Using Safari Web Share API (1)August 27, 2020
XCSSET Mac Malware August 14, 2020
Infecting macOS via Macro-laden Documents (1)August 7, 2020
Secure Enclave Exploit (1)August 6, 2020
mount_apfs TCC Bypass and Privilege Escalation July 3, 2020
Safari Privacy Protections Bypass July 2, 2020
macOS 10.15.5 Supplemental Update June 1, 2020
Security Flaws in Adobe Acrobat Reader May 14, 2020
Mac Sandbox Escape via TextEdit (4)April 28, 2020
iOS Mail Vulnerabilities in MFMutableData April 22, 2020
Kr00k Wi-Fi Vulnerability (6)February 27, 2020
Abusing Electron Apps to Bypass macOS’s Security Controls December 18, 2019
File System Events Privacy Protections Bypass (4)October 9, 2019
Apple Responds to Project Zero (16)September 6, 2019
Significant iOS Vulnerabilities Used Against Uyghur Muslims in China (1)September 5, 2019
iMessage, NSKeyedArchiver, and _NSDataFileBackedFuture August 23, 2019
Zoom Vulnerabilities (11)July 9, 2019
Legacy App Whitelist Bypass June 20, 2019
Gatekeeper Symlink/Automount Bypass May 27, 2019
Zero-day Safari Exploits Allowed Complete Takeover of Mac (1)March 21, 2019
KeySteal Mac Keychain Exploit (6)February 7, 2019
Major FaceTime Privacy Bug (5)January 29, 2019
Remote Code Execution Vulnerability in SQLite December 19, 2018
Bypassing Mojave Security Protections (10)September 25, 2018
Remote Mac Exploitation via Custom URL Schemes (1)September 4, 2018
HP Leaves Mac Users Vulnerable to Fax Hacks (2)August 31, 2018
EFail Vulnerabilities in OpenPGP and S/MIME May 14, 2018
Cellebrite Can Now Unlock Recent iPhones (4)March 1, 2018
WDMyCloud Multiple Vulnerabilities January 17, 2018
Intel CPU Design Flaw Necessitates Kernel Page Table Isolation (16)January 3, 2018
KRACK: Breaking WPA2 by Forcing Nonce Reuse (14)October 16, 2017
Mac Keychain Vulnerability (1)September 26, 2017
Exception-oriented Exploitation on iOS (1)May 4, 2017
Remote Code Execution With Image Files July 24, 2016
A Year of Windows Kernel Font Fuzzing June 29, 2016
Apple Stops Patching QuickTime for Windows Despite 2 Active Vulnerabilities (1)April 15, 2016
iMessage Attachments Security Flaw March 21, 2016
Updated Gatekeeper Exploit January 16, 2016
Gatekeeper Exploit (1)October 9, 2015
Adware Simulates Mouse Events to Access Keychain (5)September 2, 2015
DYLD_PRINT_TO_FILE Local Privilege Escalation Vulnerability July 24, 2015
XARA: Unauthorized Cross-App Resource Access (2)June 17, 2015
Mac Firmware Security Is Completely Broken (6)June 2, 2015
Safari URL-spoofing Bug (1)May 21, 2015
Yosemite-Only Security Fixes (4)April 9, 2015
Exploiting the DRAM Rowhammer Bug to Gain Kernel Privileges April 1, 2015
Apple EFI Firmware Security Vulnerabilities (1)December 23, 2014
Shellshock Security Bug in Bash October 11, 2014
The Poisoned NUL Byte, 2014 Edition September 2, 2014
Apple Patches “Find My iPhone” Exploit (1)September 1, 2014
iOS Backdoors, Attack Points, and Surveillance Mechanisms (2)July 19, 2014
iOS Keylogging Vulnerability February 25, 2014
Apple’s SSL/TLS Bug (4)February 23, 2014
Inception FireWire/Thunderbolt Hack (2)January 21, 2014
Citi Accounts Were Hacked via URL (1)June 14, 2011
WordPress Flaw June 21, 2007

Note: Most posts from before September 2012 are not yet tagged.