The Latest in IT Security

Unpatched OS X, iOS flaws allow password, token theft from keychain, apps

17
Jun
2015
Unpatched OS X, iOS flaws allow password, token theft from keychain, apps

apple-ios-os-x-flaws

Six researchers from Indiana University Bloomington, Peking University and Georgia Tech have recently published a paper in which they detail the existence of critical security weaknesses in Apple’s OS X and iOS – weaknesses that could be exploited by a sandboxed malicious app to gain unauthorized access to other apps’ sensitive data.

“More specifically, we found that the inter-app interaction services, including the keychain, WebSocket and NSConnection on OS X and URL Scheme on OS X and iOS, can all be exploited by the malware to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote,” they noted.

Read More

Leave a reply


Categories

MONDAY, DECEMBER 11, 2017

Featured

Archives

Latest Comments

Social Networks