2 posts tagged with "apple"

Supernetworks macOS SMB Client Vulnerabilities

What to Know​

Supernetworks identified several vulnerabilities in macOS Sequoia’s SMB client code.
The worst of which can result in remote kernel code execution via an SMB URL delivered through any application that allows clickable URLs (e.g. messaging apps. Browsers, email client). This isn’t necessarily a one click attack, as a user may need to click through some UI elements to trigger the exploit. A privileged network position could also be used to carry out a man-in-the-middle attack against a user that typically uses SMB shares. It goes without saying that this also operates as a local privilege escalation from a non privileged user to kernel code execution.

How Does WiFi Location Positioning & Tracking Work?​

All Apple Smartphones and Laptops as well as Google Devices passively collect Access Point Names (the SSID) and their hardware address (the BSSID), and they then tag it with the GPS location. With billions of customers, tech giants have been able to build databases that contain the physical position of almost every access point in the world.

Researchers from the University of Maryland published that the privacy features in the public APIs were insufficient to protect the privacy of individuals. See the paper from Erik Rye, Dave Levin for the details: "Surveilling the Masses with Wi-Fi-Based Positioning Systems"

Krebs On Security has a through review of the issue: "Why Your Wi-Fi Router Doubles as an Apple AirTag"