Common Information
| Type | Value |
|---|---|
| Value |
Keychain - T1634.001 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may collect keychain data from an iOS device to acquire credentials. Keychains are the built-in way for iOS to keep track of users' passwords and credentials for many services and features such as Wi-Fi passwords, websites, secure notes, certificates, private keys, and VPN credentials. On the device, the keychain database is stored outside of application sandboxes to prevent unauthorized access to the raw data. Standard iOS APIs allow applications access to their own keychain contained within the database. By utilizing a privilege escalation exploit or existing root access, adversaries can access the entire encrypted database.(Citation: Apple Keychain Services)(Citation: Elcomsoft Decrypt Keychain) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2022-12-12 | 0 | 10 Most Secure Laptops 2022: Buyer's Guide | ||
| Details | Website | 2022-12-12 | 0 | Advanced Data Protection for iCloud is a good start, but Apple has more work to do | ||
| Details | Website | 2022-12-09 | 0 | Apple announces 3 new security features | ||
| Details | Website | 2022-12-01 | 3 | Hell’s Keychain: Supply-chain vulnerability in IBM Cloud Databases for PostgreSQL allows potential unauthorized database access | Wiz Blog | ||
| Details | Website | 2022-11-21 | 2 | Who needs a Code Signing Certificate? | ||
| Details | Website | 2022-11-17 | 0 | This open-source app lets hackers steal your Apple passwords | ||
| Details | Website | 2022-11-16 | 0 | Pilfered Keys: Free App Infected by Malware Steals Keychain Data – Cyber Security Review | ||
| Details | Website | 2022-11-16 | 21 | Pilfered Keys Free App Infected by Malware Steals Keychain Data | ||
| Details | Website | 2022-11-16 | 20 | Pilfered Keys Free App Infected by Malware Steals Keychain Data | ||
| Details | Website | 2022-10-21 | 0 | Passkey Demos Hint at What's Ahead for Passwordless Authentication | ||
| Details | Website | 2022-10-13 | 0 | Android and Chrome start showing passwords the door | ||
| Details | Website | 2022-09-29 | 1 | S3 Ep102: How to avoid a data breach [Audio + Transcript] | ||
| Details | Website | 2022-09-28 | 0 | Erbium stealer on the hunt for data | ||
| Details | Website | 2022-09-15 | 41 | Erbium Stealer, a new Infostealer enters the scene | ||
| Details | Website | 2022-09-13 | 0 | Can FIDO Passkeys and Accountability Coexist? | ||
| Details | Website | 2022-08-26 | 0 | Microsoft Edge password manager security | ||
| Details | Website | 2022-08-22 | 395 | Vulnerability Summary for the Week of August 15, 2022 | CISA | ||
| Details | Website | 2022-08-18 | 17 | Luca Stealer Targets Password Managers and Cryptocurrency Wallets | ||
| Details | Website | 2022-07-25 | 16 | How to Inject Code into Mach-O Apps. Part II. | ||
| Details | Website | 2022-06-13 | 3 | Apple’s macOS Ventura | 7 New Security Changes to Be Aware Of | ||
| Details | Website | 2022-05-18 | 57 | eSentire Threat Intelligence Malware Analysis: Mars Stealer | ||
| Details | Website | 2022-05-05 | 19 | Avast Q1/2022 Threat Report - Avast Threat Labs | ||
| Details | Website | 2022-04-12 | 57 | Demystifying iOS Code Signature | ||
| Details | Website | 2022-04-04 | 6 | MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639 | ||
| Details | Website | 2022-02-01 | 35 | Mars Stealer: Oski refactoring |