Bakwazi ukulawula i-Mac kusethaphu yokuqala ye-Wi-Fi

Javier Porcar

Imizuzu ye-2

Ngezikhathi ezithile, ochwepheshe bezokuphepha abavela emhlabeni wonke bayahlangana ukuxoxa ngezinkinga zokuphepha. Enye yazo yi- Ingqungquthela yeBlack Hat ebanjelwe eLas Vegas. Komunye wemicimbi ukwazile ukuphatha iMac, ekucushweni kwangaphambilini kohlelo lokusebenza. 

Ukuba sengozini kusebenza lapho silungiselela i-Wi-Fi okokuqala ngqa, sisebenzisa ithuluzi Lokuphathwa Kwamadivayisi Eselula. Ngale ndlela, i-malware ingafakwa kukhompyutha ngisho nangaphambi kokuba umsebenzisi asebenzise ikhompyutha okokuqala. Into eyingozi kakhulu ukuthi umsebenzisi akakwazi ukwazi ukuthi ushiye "umnyango" uvulekile. 

Kuyiqiniso ukuthi ukuze ulawule, kufanele kuvele uchungechunge lwezimo ezingabhekana nengxenye encane kuphela yabasebenzisi. Kulesi senzakalo, izimo zokuhlaselwa zenzeke, kudinga ukuthi ithimba lethu lisebenzise amathuluzi e-MDM, enzelwe umhlaba webhizinisi. 

Siyazazi izindaba ezivela kumagazini Intambo:

Lapho iMac ivuliwe futhi ixhunywe kwi-Wi-Fi okokuqala, ingena ngamaseva we-Apple ngokuyinhloko ukuthumela umlayezo, “Hheyi, ngiyi-Mac enale nombolo ye-serial. Ngingowomunye umuntu? Kumele ngenzeni?"

Uma inombolo ye-serial ibhaliswe njengengxenye ye-DEP noma i-MDM, lelo sheke lokuqala lizoqala ngokuzenzakalela ukulandelana kokumiswa okuzenzakalelayo, ngochungechunge lokuhlolwa okwengeziwe ngamaseva we-Apple kanye namaseva womthengisi we-MDM. Amabhizinisi ngokuvamile athembele kuthuluzi le-MDM lomuntu wesithathu ukuzulazula ku-Apple ecosystem yebhizinisi. Ngesikhathi ngasinye, uhlelo lusebenzisa "izitifiketi," indlela yokuqinisekisa ukuthi amaseva athile ewebhu yiwo afunayo. Kepha abacwaningi bathole inkinga kwesinye sezinyathelo: Lapho i-MDM iya eMac App Store ukuyolanda isoftware yebhizinisi, ukulandelana kubuyisa umbhalo ozowulanda nokuthi ungawufaka kuphi, ngaphandle kokuthola ubuqiniso bombhalo.

Uma isigebengu singathola ndawo ndawo phakathi kwe-web server yomhlinzeki we-MDM nedivayisi yesisulu, bangafaka esikhundleni sombhalo wokulanda ngomunye onobungozi oyalela iMac ukuthi ifake i-malware endaweni yayo.

Futhi le malware ingafinyelela kulwazi kuyo yonke inethiwekhi yenkampani. 

Lokhu kuba sengozini kutholakale nguJesse Endahl, umphathi omkhulu wezokuphepha enkampanini yabaphathi iFleetsmith, kanye UMax Bélanger, unjiniyela wezitshalo eDropbox.

Nokho, Lokhu kuba sengozini kulungiswe ku-macOS 10.13.6. ngenyanga edlule. Lezi yizizathu esenza sincoma ukuthi ufake isibuyekezo ngasinye ngokushesha okukhulu.


Thenga isizinda
Unentshisekelo ku:
Izimfihlo zokuqalisa iwebhusayithi yakho ngempumelelo

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.