Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

To kick or not to kick... -- Somewhere on IRC, inspired by Shakespeare

aus+uk / uk.comp.sys.mac / Mac webcam hijack flaw wins man $100,500 from Apple

SubjectAuthor
o Mac webcam hijack flaw wins man $100,500 from AppleDavid Brooks

1
Mac webcam hijack flaw wins man $100,500 from Apple

<fYuIJ.24550$G3m1.4340@fx13.ams1>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=5831&group=uk.comp.sys.mac#5831

  copy link   Newsgroups: alt.computer.workshop uk.comp.sys.mac
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!2.eu.feeder.erje.net!feeder.erje.net!feeder5.feed.usenet.farm!feeder1.feed.usenet.farm!feed.usenet.farm!news.uzoreto.com!npeer.as286.net!npeer-ng0.as286.net!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!fx13.ams1.POSTED!not-for-mail
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.5.1
Newsgroups: alt.computer.workshop,uk.comp.sys.mac
Content-Language: en-GB
From: Davidb...@{REMOVESPAM}me.com (David Brooks)
Subject: Mac webcam hijack flaw wins man $100,500 from Apple
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 20
Message-ID: <fYuIJ.24550$G3m1.4340@fx13.ams1>
X-Complaints-To: abuse@blocknews.net
NNTP-Posting-Date: Thu, 27 Jan 2022 11:01:31 UTC
Organization: blocknews - www.blocknews.net
Date: Thu, 27 Jan 2022 11:01:30 +0000
X-Received-Bytes: 1479
 by: David Brooks - Thu, 27 Jan 2022 11:01 UTC

Dustin Cook's former adversary said .....

//An independent security researcher has received a $100,500 bug bounty
from Apple after discovering a security hole in the company's Safari
browser for macOS that could allow a malicious website to hijack
accounts and seize control of users' webcams.

Georgia Institute of Technology's Ryan Pickren, who is also the founder
of BugPoC, uncovered a universal cross-site scripting (UXSS) flaw in
Apple's Safari browser that could lead to serious security problems.

As Pickren explains in a technical blog post, the attack begins by
tricking a potential victim into opening what they believe to be an
innocent-looking .PNG image file.//

Details, here:- https://www.ryanpickren.com/safari-uxss

--
Kind regards,
David B.

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor