98
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
(www.helpnetsecurity.com)
this post was submitted on 09 Aug 2024
98 points (99.0% liked)
Cybersecurity
5700 readers
293 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
And it is MacOS only… so. While yes this is very important - this is a very small target… Mac users who use 1Password
Doesn’t sound like it would be that small of a target?
I don’t know what the user distribution is like, but I imagine Mac users are a solid chunk of users for a “premium” password manager like this.
Perhaps, I am certain that it is a non zero number. But the majority of Apple users would use keychain (apples built in passwords management) first.
Shrug. Ymmv
It works on android too... And web browsers
Does nobody read the article? 1Password works on any platform but the attack is Mac only because it's actually getting passwords from a Mac's keychain through older versions of 1Password.