“Apple acquired firmware security company LegbaCore in November 2015, according to security researcher Trammell Hudson, who revealed the acquisition in his presentation at the 32C3 conference in December,” Husain Sumra reports for MacRumors.
“LegbaCore had collaborated with Hudson on Thunderstrike 2, the first firmware worm to affect Mac computers,” Sumra reports. “The malware is impossible to remove, resistant to both firmware and software updates. LegbaCore and Hudson had alerted Apple to Thunderstrike 2’s vulnerabilities and Apple began work on fixes, issuing one in June 2015.”
Summa reports, “While LegbaCore is a security consultancy firm that doesn’t own any specific technology, it’s likely Apple will use [founder Xeno] Kovah and Kallenberg’s talent and knowledge to help improve firmware and software security in future iterations of Apple’s various hardware and software products.”
What did Apple hire us to do? We can’t say. 🙂 Well, we can probably say something like “low level security” (I don’t know our job titles)
— Xeno Kovah (@XenoKovah) November 10, 2015
Read more in the full article here.
MacDailyNews Take: Excellent. Even more security for Apple products!
SEE ALSO:
Thunderstrike 2 worm can infect your Mac without detection, but requires root access – August 3, 2015
Apple secures Macs against ‘Thunderstrike’ attacks in OS X 10.10.2 – January 24, 2015
Macs vulnerable to virtually undetectable malware that ‘can’t be removed’, but physical access is required – January 12, 2015
New proof-of-concept ‘Thunderstrike’ bootkit for OS X can permanently backdoor Macs – January 9, 2015
Finally, a coherent move.
Let us hope this is an acqknowledged start for Apple in improving code throughout the OSX lineup.
I second that emotion. Apple has had a really bad year for following up on reports of Apple tech exploits, sitting on problems for over a year in a couple cases.
This is a brilliant move.. Thanks Apple. This shows some thought and care.