Digital Podcast

Apple’s root Problem, Congressional Testimony on Identity Verification, and National Tax Security Awareness Week


Join Now to Share


InfoSec ICU show

Summary: Gerry and Steve give you an Apple security update on the recent Mac High Sierra bug, discuss a recent testimonial given to Congress about identity verification in a post-breach world, and some advice from the IRS to avoid tax fraud with the tax season coming up. The guys also present their One Cool Thing.<br> <a href="https://podcast.musc.edu/podcast/infosec/e01-infosecicu/" target="_blank" rel="noopener">Get the Show Notes</a><br> Resources<br> Apple security problem in macOS High Sierra<br> A vulnerability for macOS High Sierra has been identified that allows an attacker to bypass administrator authentication without supplying the administrator’s password. Basically someone can have root access to the machine without having to provide a password. In concert with your inner monologue, yes this is an awful vulnerability. Fortunately, Apple has responded quickly and has released a patch (Security update 2017-001).<br> This vulnerability applies to systems running macOS High Sierra and does not affect systems running macOS Sierra 10.12.6 and earlier.<br> <a href="https://support.apple.com/en-us/HT208315" target="_blank" rel="noopener">https://support.apple.com/en-us/HT208315</a><br> <a href="https://support.apple.com/en-us/HT201541" target="_blank" rel="noopener">https://support.apple.com/en-us/HT201541</a><br> House Energy and Commerce Hearing<br> <a href="https://energycommerce.house.gov/hearings/identity-verification-post-breach-world/" target="_blank" rel="noopener">https://energycommerce.house.gov/hearings/identity-verification-post-breach-world/</a><br> IRS Anti- Tax Fraud tips and tricks<br> As part of National Tax Security Awareness Week-November 27 to<br> December 1-the Internal Revenue Service (IRS) is releasing daily<br> security tips to help taxpayers protect their data and identities<br> against tax-related identity theft.<br> <a href="https://www.irs.gov/newsroom/national-tax-security-awareness-week-2017" target="_blank" rel="noopener">https://www.irs.gov/newsroom/national-tax-security-awareness-week-2017</a><br>