Don't Let This Attack Freeze Your Mac or iPhone
Just over a month after researchers demonstrated that hackers can hijack mouse clicks on a Mac, a new report indicates that specially crafted web pages can freeze or crash Macs and iPhones.
Security researcher Sabri Haddouche has created HTML and CSS code that, when hosted by a web page, attacks visitors' devices.
"The attack uses a weakness in the -webkit-backdrop-filter CSS property," Haddouche told BleepingComputer. "By using nested divs with that property, we can quickly consume all graphic resources and crash or freeze the OS."
In other words, while the code is just 15 lines long, it contains a massive amount of <div> tags, which consume all of your device's graphic resources, causing it to freeze or restart.
Haddouche went on to note that the attack affects all browsers on iOS, as well as Safari and Mail in macOS.
"All browsers on iOS are affected because the underlying rendering engine is WebKit," Haddouche explained.
Visiting the webpage on a Mac will cause Mail and Safari to freeze for a second, and the computer running them to slow down. (Once you've closed the Safari tab running the code, the computer returns to normal).
It caused a device running iOS 12 to reboot completely, but caused an iOS 11.4.1 device to only respring (boot the user to the lock screen). According to Twitter user Robert Petersen, the web page causes an Apple Watch running watchOS 5 to freeze and reboot as well.
Haddouche claims he has also created an attack using HTML, CSS and JavaScript that will totally freeze macOS computers, and cause them to re-launch the same malicious webpage upon rebooting, in effect putting them into a temporary boot loop.
Many Mac users still assume Macs aren't vulnerable to malware and adware, but the truth is that the past two years have seen more Mac vulnerabilities than ever before.
Just a few weeks ago, North Korean state-sponsored hackers used Mac malware to successfully hack a cryptocurrency exchange platform. And back in January, a researcher discovered a piece of macOS malware that reroutes your traffic to malicious websites, and could also be used to steal passwords, take screenshots, download files, run software and more.
Unfortunately, there isn't much you can do to prevent these attacks. We'll just have to wait for Apple to release a patch. In the meantime, take extra care not to click on links that you're not familiar with.
Source tomsguide
Latest Jobs
-
- Sales Manager (IT Managed Services)
- Manchester
- Up to £80,000 Base + Double OTE
-
Sales Manager (IT Managed Services) Ref BD7627 Salary: Up to £80,000 Base + Double OTE A great opportunity has come up for a Sales Manager to join a fast-growing IT infrastructure provider to manage their north west-based new business sales team. The Sales Manager will be responsible for leading an enterprise new business sales team who will be bidding and winning new business within the North West region. Skills & Experience required: Direct sales experience in the telecommunications/technology sector. Strong leadership/team skills and a positive track record in executing sales process & strategies and coordinating among internal and external stakeholders. Strong understanding of IT managed services such as Cloud, Cyber Security, Telecommunications (WAN/MPLS/SDWAN etc.) & Unified Communications. Have a team player attitude as well as being able to manage. Sales Manager Jobs, Telecoms Jobs, Telecommunications Jobs
-
- Security Overlay Specialist, Presales Consultant
- London
- Up to £80,000 plus 25% Commission and benefits
-
RA7291 Location: South East Salary Up to £80,000 plus 25% Commission and benefits Security Overlay Specialist, Presales Consultant A technically minded but sale focus individual is needed to be the Security Overlay Specialist for a global Tier 1 Service provider, Your remit will be to be the technical sales advocate for solutions based on security and Managed Network Services products; proactively working with the Account teams, Marketing Teams, Strategic Partners and key customer prospects directly in the development of pipeline and closure of key deals in this technology domain. They are looking for someone who has the technical networking and security background with the ability to do high-level technical solution design but who enjoys being more sales-focused and is able to help shape and develop deals with customers and work internally in helping to shape and develop the solution proposition Key responsibility will include 1) Technical qualification 2) pipeline generation 3) key deal leadership They are not looking for a hardcore Security Deep Domain expert, more of a global network services generalist with good broad security knowledge and some experience in working on managed UTM and Threat Monitoring services deals, but eager to learn and skill up in this area. Presales Jobs, Pre-Sales Jobs, Overlay Sales Jobs, Cyber Security Jobs, IT Security Jobs
-
- Presales Consultant (Collaboration)
- London
- £60,000 - £70,000 + bonus + benefits
-
Presales Consultant (Collaboration) RA7316B Location: London £60,000 - £70,000 + bonus + benefits One of the leading Global Telco’s are looking to expand their Collaboration presales team. The Presales Consultant will be responsible for providing technical guidance to the sales team and Enterprise Customer focusing around Cisco and Microsoft UC solutions. The Presales Consultant will have a good technical and general knowledge of cisco UC and Contact centre solutions and ideally experience to Microsoft Skype for Business and teams, you will be able to translate enterprise customer requirements into functional, effective and appropriate solutions for your customer base. Candidates need to have previous presales experience advising customers on collaboration solutions. You will need experience of doing high level design and presenting these solutions to C-level Executives. (Unified Comms Jobs, Unified Communications Jobs, UC Jobs, Collaboration Jobs)
-
- Collaboration Practice Lead
- London
- Up to £90,000 + bonus + benefits
-
Collaboration Practice Lead RA5791 Location: London Salary up to £90,000 plus bonus and benefits Collaboration Practice Lead is required for a global Tier 1 Service provider, you will be part of a global team helping to shape and deliver UC and Contact centre (CC) solution to enterprise clients and select SI partners. Responsibilities include Regular interaction with multi Regional SMEs to understand divergent UC/ CC needs and drive a team of Solution engineers and aid them in review/ approve the functional design, prepare and present customized solutions etc. Support the Proposal team in RFI, RFP and SO Identify desired UC/ CC solution functionality, evaluate alternatives, close gaps with Product. Strong alignment with Various OEMs in Collaboration (Audio, Video, Web and Social) Industry. Ability to work with Engineering, Product and Marketing teams to offer feedback, bridge Gaps and conduct technology sessions and participate in Industry forums representing TCL. Create readily demonstrable demos and develop POCs with prospective customers thereby enhancing Sales Funnel for UCC portfolio. Able to position Hosted Solutions across Contact center, Webex and IPT Solutions against premise setups You will require Proven leadership skills that build relationships with key stakeholders. Ability to communicate effectively and experience in documenting requirements and specifications is essential. Ability to cross-train and mentor associates on UCC technologies and updates Strong Knowledge around SIP, IP PBX, Webex, IPT, Various Video endpoints, interoperability scenarios is desired. Knowledge and experience designing and implementing enterprise room-based and mobile videoconferencing systems Experience with enterprise Cisco voice platforms is required, including Communications Manager, Unity Connection, Cisco Presence, Contact Center Express or Enterprise, Telepresence, Jabber etc Enterprise voice, video, and collaboration architectures including core call processing, voicemail, presence, contact centre, call recording, video conferencing, instant messaging, etc. In depth understanding of high availability design best practices for enterprise voice and video systems Microsoft Skype and teams experience would be beneficial (Unified Comms Jobs, Unified Communications Jobs, UC Jobs, Collaboration Jobs)