Collaborate Disseminate
I just had the honor of presenting at one of my favorite BSides Conference BsidesNOLA on the State of the new Apple File System (APFS). Sadly, I didn’t have the time to go through the demos but I have uploaded them to YouTube and the slides have been u… Continue reading Presentation Slides & Demo Videos – Getting Saucy with APFS
In the news, Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext, Windows 7 Meltdown patch opens worse vulnerability, Atlanta Hit by Ransomware Attack Impacting Multiple Services, and more on this episode of Paul’s Security Weekly… Continue reading Apple, Meltdown, & Atlanta Hackers – Paul’s Security Weekly #553
There has been some confusion (myself included) on what is vulnerable to this bug and what isn’t. Some folks can replicate and some cannot – so I think its high time to test this properly to see what versions and scenarios are affected by this bug.The … Continue reading Ok Internet, Lets Test this APFS Plaintext Password Bug Properly
At some point you just need to stop looking and be blissfully ignorant…this was not one of those days. In and update to my previously updated blog article, I have found another instance where the plaintext password was written to system logs.&nb… Continue reading OMG, Seriously? – APFS Encrypted Plaintext Password found in ANOTHER (More Persistent!) macOS Log File
A severe programming bug has been found in APFS file system for macOS High Sierra operating system that exposes passwords of encrypted external drives in plain text.
Introduced two years ago, APFS (Apple File System) is an optimized file system for fl… Continue reading Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext
A severe programming bug has been found in APFS file system for macOS High Sierra operating system that exposes passwords of encrypted external drives in plain text.
Introduced two years ago, APFS (Apple File System) is an optimized file system for fl… Continue reading Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext
A severe programming bug has been found in APFS file system for macOS High Sierra operating system that exposes passwords of encrypted external drives in plain text.
Introduced two years ago, APFS (Apple File System) is an optimized file system for fl… Continue reading Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext
I’ve been updating my course (Mac and iOS Forensics and Incident Response) to use new APFS disk images (APFS FTW!) and came across something that both incredibly useful from a forensics perspective but utterly horrifying from a security standpoint. Scr… Continue reading Uh Oh! Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes via Disk Utility.app
Apple said on Wednesday that it will rush an emergency patch to users that fixes an embarrassing login bug in its High Sierra operating system. Continue reading Apple Announces Emergency Patch to Fix High Sierra Login Bug
A major bug in Apple’s macOS High Sierra gives anyone with physical access to a system running the latest version of the OS root access simply by putting “root” in the user name field. Continue reading Critical Apple Login Bug Puts macOS High Sierra Systems at Risk