Tag: security-update

Apple’s High Sierra security patch affected Mac file sharing

Apple’s latest update for macOS High Sierra hasn’t gone well. As revealed earlier this week, the update included a bug that made it pretty easy for anyone to gain admin rights to your Mac — an obvious privacy concern. Apple rolled out a patch for the issue, but it seems that’s not without its problems either, as some users are now unable to authenticate or connect to file shares on their Macs. Fortunately, there’s a simple fix. As Apple Insider reports: 1. Open the Terminal app, in the Utilities folder of the Applications folder. 2. Type sudo /usr/libexec/configureLocalKDC and hit Return. 3. Enter your administrator password and press Return. 4. Quit the Terminal app. Done. The number of people affected by the new security update’s flaw is unknown. Apple jumped on the case relatively quickly when the initial problems became clear, but whether or not they’ll release yet another update for this latest issue is unknown. Source: Apple Insider

Read More:
Apple’s High Sierra security patch affected Mac file sharing

HipChat resets all passwords after hackers break in

Today, Hipchat alerted its users that someone broke into one of its servers through a vulnerability in a third-party library. The chat service saw no evidence that other Atlassian systems or products like Jira or Trello were affected, but they’re forcing every user to reset their HipChat-connected account password as a precaution. According to the service’s blog post , the attacker might have gotten access to user information (including name, email and hashed password) of anyone using HipChat.com. There’s been no sign that over 99 percent of users’ messages or room content was compromised, though the attacker could have accessed that portion’s metadata. A small fraction (.05 percent) of instances might have been wide open to the hacker, who would have been able to see correspondence and content. Fortunately, no evidence has suggested that the attacker has accessed anyone’s financial or credit card information. “While HipChat Server uses the same third-party library, it is typically deployed in a way that minimizes the risk of this type of attack, ” the blog post said, but the service will roll a security update out for Hipchat Server just to be sure. Source: HipChat

View article:
HipChat resets all passwords after hackers break in