viralamo

Menu
  • Technology
  • Science
  • Money
  • Culturs
  • Trending
  • Video

Subscribe To Our Website To Receive The Last Stories

Join Us Now For Free
Home
Technology
iMessage bug exposed target's talk history after one click
Technology

iMessage bug exposed target's talk history after one click

08/04/2016

#Apple has patched the main vulnerability in #iMessage so allowed attackers to pull a target’s message history through a bogus link. Once clicked, the link extracted data of within that iMessage application and exported it to an outside source. Apple’s larger security protections prevented this attack from installing malware or pulling data of outside the iMessage application. Just it still represents a significant data breach for any user tempted with clicking on the bogus link.
The attack primarily targeted this OS X version of iMessage, but could also recover messages of iPhones if this butt enabled SMS forwarding. This bug was discovered by a trio of researchers — Joe DeMesy plus Shubham Shah, with the help from Matt Bryant from Uber’s security team — who reported it to Apple before making this details of the attack public. There’s no proof the vulnerability was exploited for criminal ends before being patched.
The new bug comes only a few weeks after researchers at Johns Hopkins published a way into view sent photos plus videos; a vulnerability so was patched with iOS 9.3. That attack worked by masquerading as an Apple server, then brute-forcing the resulting encryption until the media was decoded.
While powerful, this attack relied on relatively basic security tactics, using javascript code in place from an iMessage URL in a classic cross_scripting attack. Apple patched next this technique by the CVE-2016/1764 update latest month. That company did not immediately reply to a request for comment; we will update this post with any answer.

Share
Tweet
Pinterest
Linkedin
Stumble
Google+
Email
Prev Article
Next Article

Related Articles

New data set helps train cars to drive autonomously in winter weather
While the most sophisticated driverless cars on public roads can …

New data set helps train cars to drive autonomously in winter weather

Now on-demand: Ars’ online IT roundtable on navigating 2020 schadenfreude
Originally broadcast on October 15, 2020. Click here for transcript. …

Now on-demand: Ars’ online IT roundtable on navigating 2020 schadenfreude

Leave a Reply Cancel reply

Find us on Facebook

Related Posts

  • Game companies speak out against racism and injustice, cancel their events
    Game companies speak out against racism and …
    02/06/2020
  • PlayStation 5 gets Godfall looter-slasher from Gearbox Publishing
    Incoming IBM CEO Arvind Krishna faces monumental …
    11/04/2020
  • Google fixes two more Chrome zero-days that were under active exploit
    Zero-days under active exploit are keeping Windows …
    09/02/2021
  • What Kamala Harris’ record says about major AI policy issues
    What Kamala Harris’ record says about major …
    12/08/2020
  • Zynga is acquiring hypercasual mobile game firm Rollic for at least $168 million
    Zynga is acquiring hypercasual mobile game firm …
    05/08/2020

Popular Posts

  • SolarWinds hack that breached gov networks poses a “grave risk” to the nation
    Code-execution flaw in VMware has a severity …
    25/02/2021 0
  • Top 10 Unsettling Facts About The Death …
    28/01/2021 0
  • Top 10 Books That Will Change Your …
    28/01/2021 0
  • 10 Notable People Who Foresaw Their Own …
    29/01/2021 0
  • Top 10 Things You Probably Never Knew …
    29/01/2021 0

viralamo

Pages

  • Contact Us
  • Privacy Policy
Copyright © 2021 viralamo
Theme by MyThemeShop.com

Ad Blocker Detected

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Refresh