all InfoSec news
Zoom Exploit on MacOS
Aug. 17, 2022, 11:11 a.m. | Bruce Schneier
Schneier on Security www.schneier.com
This vulnerability was reported to Zoom last December:
The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or remove the main Zoom application from a computer. Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.
When Zoom issued an update, the updater …
apple exploit exploits macos privilege escalation vulnerabilities zoom
More from www.schneier.com / Schneier on Security
The Rise of Large-Language-Model Optimization
1 day, 14 hours ago |
www.schneier.com
Dan Solove on Privacy Regulation
2 days, 14 hours ago |
www.schneier.com
Microsoft and Security Incentives
3 days, 14 hours ago |
www.schneier.com
Using Legitimate GitHub URLs for Malware
4 days, 9 hours ago |
www.schneier.com
Other Attempts to Take Over Open Source Projects
1 week, 1 day ago |
www.schneier.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Engineer 2
@ Oracle | BENGALURU, KARNATAKA, India
Oracle EBS DevSecOps Developer
@ Accenture Federal Services | Arlington, VA
Information Security GRC Specialist - Risk Program Lead
@ Western Digital | Irvine, CA, United States
Senior Cyber Operations Planner (15.09)
@ OCT Consulting, LLC | Washington, District of Columbia, United States
AI Cybersecurity Architect
@ FactSet | India, Hyderabad, DVS, SEZ-1 – Orion B4; FL 7,8,9,11 (Hyderabad - Divyasree 3)