Hello Guest, welcome to torrentinvites.org - Your #1 source for Torrent Invites!
CLICK HERE to register for free and gain full access to TI.org!
Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!
-
Serious Security Flaw found in 1,500 iOS apps—Checkout if your iPhone is at risk
Researchers have identified a serious vulnerability in at least 1,500 iOS apps. This security flaw has made the apps exploitable by hackers who look for victims to swipe passwords and obtain financial data.
Last month IT security firm SourceDNA discovered a bug that has been fixed in an open-source code update. This bug contained a serious vulnerability and still some app developers have ignored updating their apps to the new version.
The bug was identified in an AFNetworking version released in January as “an open-source code library that allows developers to drop networking capabilities into their apps.”
Reportedly, the vulnerability served as a facilitator of man-in-the-middle attack, which helps hackers gain access to HTTPS encrypted data. HTTPS is an internet security protocol used widely.
Ars Technica described the details of how hackers would attack the apps running 2.5.1 version of AFNetworking as:
“To exploit the bug, attackers on a coffee shop Wi-Fi network or in another position to monitor the connection of a vulnerable device need only present it with a fraudulent secure sockets layer certificate. Under normal conditions the credential would immediately be detected as a counterfeit, and the connection would be dropped. But because of a logic error in the code of version 2.5.1, the validation check is never carried out, so fraudulent certificates are fully trusted.”
SourceDNA scanned and analyzed the entire app database of 1.4million titles in the App Store after identifying the flawed code to see which of the apps are still vulnerable.
Few relative apps contained the compromised source code. However, the problem is that popular apps like Movies by Flixster and Rotten Tomatoes were still found to be vulnerable.
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules