Security Experts Hack iPhone to Show Vulnerability from Attackers

#ad▼

Security researchers at Independent Security Evaluators discovered a vulnerability, developed a toolchain for working with the iPhone’s architecture (which also includes some tools from the #iphone-dev community), and created a proof-of-concept exploit capable of delivering files from the user’s iPhone to a remote attacker. The exploit is delivered via a malicious web page opened in the Safari browser on the iPhone.

There are three ways that an attacker can control the browser: a controlled wireless access point, an improperly configured forum website that includes harmless code in a forum post, and a link delivered via e-mail or SMS.


Video presented by ISE showing the exploit.

The security experts have notified Apple of the vulnerability and proposed a patch. Apple is currently looking into it.

Security and safety practices during use of the iPhone to thwart attackers:

Only visit sites you trust. If you don’t visit attackers’ sites, you give them one less attack vector.

Only use WiFi networks you trust. If attackers have control of your Internet connection, they have the ability to insert exploits into any website you visit.

Don’t open web links from emails. Many current viruses send links to malicious sites in emails that look like they are from trusted contacts.

See more info …
securityevaluators.com/iphone
also exploitingtheiphone.com

Search Amazon …

Search for products sold on Amazon:

Arlingtoncardinal.com is an Amazon Associate website, which means that a small percentage of your purchases gets paid to Arlingtoncardinal.com at no extra cost to you. When you use the search boxes above, any Amazon banner ad, or any product associated with an Amazon banner on this website, you help pay expenses related to maintaining Arlingtoncardinal.com and creating new services and ideas for a resourceful website. See more info at Arlingtoncardinal.com/AdDisclosure