|
Title: News: Security researcher IDs new app-spoofing iOS vulnerability Post by: HCK on November 11, 2014, 03:00:40 am News: Security researcher IDs new app-spoofing iOS vulnerability
Security research firm FireEye has identified a vulnerability that can allow iOS apps to be replaced by malware versions. Dubbed the “Masque Attack,” the vulnerability uses an existing app’s App Store ID, signed with an enterprise provisioning certificate, to replace the good app with a rogue version. The report explains that although iOS requires that all third-party applications be signed by a valid provisioning certificate, it… Source: News: Security researcher IDs new app-spoofing iOS vulnerability (http://www.ilounge.com/index.php/news/comments/security-researcher-ids-new-app-spoofing-ios-vulnerability) |