September 2, 2015

Attacks accessing Mac keychain without permission date back to 2011

Thomas Reed, who is director of Mac offerings at security firm Malwarebytes, said he tested the AppleScript on the current version of Apple’s OS X and found it worked, as long as a user had already allowed the app running the script to control the Mac. On Monday, Reed disclosed the same technique was being used by the Genieo adware installer to gain access to a Safari extensions list that’s protected inside the Mac Keychain.

Read More