HACKINTOSH.ORG | Macintosh discussion forums

Macintosh News => iPhone/iPod/iPad News => Topic started by: HCK on November 11, 2014, 03:00:40 am



Title: News: Security researcher IDs new app-spoofing iOS vulnerability
Post by: HCK on November 11, 2014, 03:00:40 am
News: Security researcher IDs new app-spoofing iOS vulnerability

Security research firm FireEye has identified a vulnerability that can allow iOS apps to be replaced by malware versions. Dubbed the “Masque Attack,” the vulnerability uses an existing app’s App Store ID, signed with an enterprise provisioning certificate, to replace the good app with a rogue version. The report explains that although iOS requires that all third-party applications be signed by a valid provisioning certificate, it…

Source: News: Security researcher IDs new app-spoofing iOS vulnerability (http://www.ilounge.com/index.php/news/comments/security-researcher-ids-new-app-spoofing-ios-vulnerability)