Common Information
| Type | Value |
|---|---|
| Value |
Keychain - T1634.001 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may collect keychain data from an iOS device to acquire credentials. Keychains are the built-in way for iOS to keep track of users' passwords and credentials for many services and features such as Wi-Fi passwords, websites, secure notes, certificates, private keys, and VPN credentials. On the device, the keychain database is stored outside of application sandboxes to prevent unauthorized access to the raw data. Standard iOS APIs allow applications access to their own keychain contained within the database. By utilizing a privilege escalation exploit or existing root access, adversaries can access the entire encrypted database.(Citation: Apple Keychain Services)(Citation: Elcomsoft Decrypt Keychain) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-03-27 | 0 | New MacStealer macOS malware appears in the cybercrime underground | IT Security News | ||
| Details | Website | 2023-03-27 | 1 | New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords | ||
| Details | Website | 2023-03-27 | 1 | New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords - RedPacket Security | ||
| Details | Website | 2023-03-27 | 49 | 安全事件周报 2023-03-27 第13周 | ||
| Details | Website | 2023-03-24 | 24 | MacStealer: New Command and Control (C2) Malware Identified | ||
| Details | Website | 2023-03-23 | 7 | Complete Guide for Mobile Application Pentesting Use cases | ||
| Details | Website | 2023-03-22 | 43 | Session Cookies, Keychains, SSH Keys and More | 7 Kinds of Data Malware Steals from macOS Users | ||
| Details | Website | 2023-03-16 | 18 | ChatGPT: The real "Evil Twin" | ||
| Details | Website | 2023-03-07 | 0 | Jamf Pro API and Apple's Swift: Building the SwiftUI App | ||
| Details | Website | 2023-03-02 | 2 | Apple, it’s time to focus on true privacy: security. | ||
| Details | Website | 2023-03-01 | 0 | Hackers Distribute MacStealer MaaS to Target Mac Users | Cyware Hacker News | ||
| Details | Website | 2023-02-27 | 76 | Lumma Stealer targets YouTubers via Spear-phishing Email | ||
| Details | Website | 2023-02-25 | 0 | This Year’s Top Cybersecurity Threats And How To Protect Your Business | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security | ||
| Details | Website | 2023-02-21 | 0 | Twitter and 2 factor authentication: what's changing? | ||
| Details | Website | 2023-02-09 | 19 | Detecting credential access without losing cred | ||
| Details | Website | 2023-01-18 | 5 | The good, the bad and the ugly of Apple Passkeys | SlashID Blog | ||
| Details | Website | 2023-01-12 | 11 | DER Entitlements: The (Brief) Return of the Psychic Paper | ||
| Details | Website | 2023-01-05 | 0 | Lock down your Mac with these 10 security tips | ||
| Details | Website | 2023-01-03 | 0 | New device? Here's how to safely dispose of your old one | ||
| Details | Website | 2023-01-01 | 123 | The Mac Malware of 2022 👾 | ||
| Details | Website | 2022-12-31 | 22 | Password Cracking —Understanding basics and tools used. | ||
| Details | Website | 2022-12-26 | 10 | Supply-Chain Security: Evaluation of Threats and Mitigations | ||
| Details | Website | 2022-12-16 | 0 | How to Use Swift with the Jamf API, Part 4: Implementing a New Object | ||
| Details | Website | 2022-12-14 | 1 | Introducing PEACH, a tenant isolation framework for cloud applications | Wiz Blog | ||
| Details | Website | 2022-12-13 | 0 | Secret-based cloud supply-chain attacks: Case study and lessons for security teams | Wiz Blog |