Get a Pentest and security assessment of your IT network.

Cyber Security

Apple Touch ID Flaw Could Have Let Attackers Hijack iCloud Accounts

Apple fixed a security vulnerability in iOS and macOS that could have potentially allowed an attacker to gain unauthorized access to a user’s iCloud account. The flaw resided in Apple’s implementation of TouchID (or FaceID) biometric feature that authenticated users to log in to websites on Safari. The vulnerability resides in the gsa.apple.com API, which made it theoretically possible to abuse those domains to verify a client ID without authentication. In May, Apple patched a flaw impacting its “Sign in with Apple” system that made it possible for remote attackers to bypass authentication.

Source: https://thehackernews.com/2020/08/apple-touchid-sign-in.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation