|
Title: Apple Mail flaw could pose risk to iCloud passwords Post by: HCK on June 12, 2015, 09:00:12 pm Apple Mail flaw could pose risk to iCloud passwords
<article> <section class="page"> <p> A security researcher says a vulnerability in Appleās mobile email application could be used to trick someone into divulging their iCloud password.</p><p> Prague-based Jan Soucek (https://twitter.com/jansoucek) published proof-of-concept code (https://github.com/jansoucek/iOS-Mail.app-inject-kit/tree/master) that shows how he could send an email to someone with HTML code that resembles the iCloud login pop-up window. Soucek then receives an email containing the password.</p><p> The vulnerability allows remote HTML content to be loaded in an email, which replaces the content of the email message. Soucek wrote he then built a functional password collector using HTML and CSS. He also published a demonstration video (https://www.youtube.com/watch?v=9wiMG-oqKf0).</p><p class="jumpTag"><a href="/article/2934552/apple-mail-flaw-could-pose-risk-to-icloud-passwords.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Apple Mail flaw could pose risk to iCloud passwords (http://www.macworld.com/article/2934552/apple-mail-flaw-could-pose-risk-to-icloud-passwords.html#tk.rss_all) |