Patrick Wardle

macOS High Sierra Vulnerability Allows Third-Party Apps to Access Keychain Data in Plaintext

Apple’s macOS High Sierra, which was released to the public today, contains a vulnerability that lets apps discover Keychain passwords in plaintext. According to Synack research director Patrick Wardle, the vulnerability requires victims to intentionally override built-in security. Wardle was able to leverage the vulnerability to steal logins for websites like Facebook and Bank of America. Wardle said that […]