Title: Dozens of popular iOS apps leave user data vulnerable to attack Post by: HCK on February 09, 2017, 04:05:15 pm Dozens of popular iOS apps leave user data vulnerable to attack
<article> <section class="page"> <p>Dozens of iOS apps that are supposed to be encrypting their users’ data don’t do it properly, according to a security researcher.</p><p>Will Strafach, CEO of Sudo Security Group, said he found 76 iOS apps that are vulnerable to an attack that can intercept protected data.</p><p>The developers of the apps have accidentally misconfigured the networking-related code so it will accept an invalid Transport Layer Security (TLS) certificate, Strafach claimed (https://medium.com/@chronic_9612/76-popular-apps-confirmed-vulnerable-to-silent-interception-of-tls-protected-data-2c9a2409dd1#.vztmmcq0i) in a Monday blog post. </p><p>TLS is used to secure an app’s communication over an internet connection. Without it, a hacker can essentially eavesdrop over a network to spy on whatever data the app sends, such as login information. </p><p class="jumpTag"><a href="/article/3166530/security/dozens-of-ios-apps-fail-to-secure-users-data-researcher-says.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Dozens of popular iOS apps leave user data vulnerable to attack (http://www.macworld.com/article/3166530/security/dozens-of-ios-apps-fail-to-secure-users-data-researcher-says.html#tk.rss_all) |