Source |
Network World |
Identifiant |
307120 |
Date de publication |
2017-02-06 17:46:08 (vue: 2017-02-06 17:46:08) |
Titre |
Dozens of iOS apps fail to secure users\' data, researcher says |
Texte |
Dozens of iOS apps that are supposed to be encrypting their users' data don't do it properly, according to a security researcher.Will Strafach, CEO of Sudo Security Group, said he found 76 iOS apps that are vulnerable to an attack that can intercept protected data.The developers of the apps have accidentally misconfigured the networking-related code so it will accept an invalid Transport Layer Security (TLS) certificate, Strafach claimed in a Monday blog post. Â Â TLS is used to secure an app's communication over an internet connection. Without it, a hacker can essentially eavesdrop over a network to spy on whatever data the app sends, such as login information. Â To read this article in full or to leave a comment, please click here |
Envoyé |
Oui |
Condensat |
accept accidentally according app apps are article attack blog can ceo certificate claimed click code comment communication connection data developers don dozens eavesdrop encrypting essentially fail found full group hacker have here information intercept internet invalid ios layer leave login misconfigured monday network networking over please post properly protected read related researcher said says secure security sends spy strafach such sudo supposed tls transport used users vulnerable whatever will without â to â â tls |
Tags |
|
Stories |
|
Notes |
|
Move |
|