Around 1,500 apps for iPhone and iPad contain an HTTPS vulnerability making it ‘trivial’ for hackers to perform man-in-the-middle attacks to steal passwords, bank details and other private information.
The bug was uncovered by SourceDNA, Cult of Mac reports, and is a weakness in the open source AFNetworking code library that some developers put into their apps to add networking capabilities. While the vulnerability has been fixed within AFNetworking in version 2.5.2, not all affected apps have been updated to the latest version, leaving them open to attack.
1,500 iOS apps open to simple man-in-the-middle attacks
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.