Just In
-
-
-
-
Don't Miss
-
Most Sixes in IPL 2024: Top 10 Players And Teams To Hit Most Sixes As Of April 20 -
2:1 Bonus Issue: IT Penny Stock Turned; 1,600 Shares Market Lot Size Revised To 4,800 Shares -
Bigg Boss Malayalam 6 Voting Trends: Saranya, Sreerekha or Jaanmoni; Who Will Get Least Votes On Mohanlal’s Sh -
Golden Rules To Follow For Happy Marriage For A Long Lasting Relationship -
Chinese President Xi Jinping Orders Biggest Military Reorganisation Since 2015 -
Exam Pressure Does Not Exist; Studying Punctually is Crucial; Says Aditi, the PSEB 2024 Topper -
Suzuki Swift Hatchback Scores 4 Star Safety Rating At JNCAP – ADAS, New Engine & More -
Journey From Delhi To Ooty: Top Transport Options And Attractions
Apple iPhones and iPads Under 'Masque Attack' Threat
Cyber security sleuths have alerted users of Apple iPhones and iPads against a lurking 'Masque Attack' on their devices that could compromise gadget safety and steal sensitive private information.
Recommended: Top 15 New Smartphones now Available with Exchange Offer
In its latest advisory to the users, the Computer Emergency Response Team-India (Cert-In) said, a vulnerability has been reported in Apple iOS which allows any iOS application that is installed using enterprise or ad hoc provisioning to replace any legitimate iOS application installed through App Store with any other malicious application.
"This attack is also known as 'Masque Attack' technique against Apple iOS. Successful exploitation of this vulnerability could allow remote attacker to steal sensitive information from the device, monitor user activities, gain root privileges on the device and launch further attacks," the CERT-In advisory said.
The CERT-In is the nodal agency to combat hacking, phishing and to strengthen security-related defences of the Indian internet domain.
The iOS is the backbone of all operations and apps in various Apple gadgets like iPhones, tabs and ipads. Apple has already asked users to download applications and other information from trusted sources only.
This vulnerability, the agency said, is caused due to iOS not properly enforcing and matching of certificates for apps (applications) with the same identifier.
Recommended: Panasonic Eluga I Now Listed in Flipkart at Rs 9,999: Top 10 Midrange Smartphone Rivals
"A remote attacker could exploit this vulnerability by tricking the victim into installing an application from a source other than the iOS App store or their organizations provisioning system. Attacker could then utilize this application to replace other legitimately installed applications, except iOS preinstalled applications, with any malicious application that uses the bundle identifier of the legitimate application thus bypassing the App Store review process," it said.
The agency called it a "high" rated threat and said it could affect various versions of the Apple iOS.
The cybersecurity agency has also suggested some counter-measures in this regard.
"Don't install apps from third-party sources other than Apple's official App Store or your own organization, don't click 'install' on a pop up from a third-party web page, carefully read iOS notification while opening applications and if iOS shows an 'untrusted App Developer' alert click on 'don't trust' and uninstall the application immediately," it recommended.
PTI
-
99,999 -
1,29,999 -
69,999 -
41,999 -
64,999 -
99,999 -
29,999 -
63,999 -
39,999 -
1,56,900
-
79,900 -
1,39,900 -
1,29,900 -
65,900 -
1,56,900
-
1,30,990 -
76,990 -
16,499 -
30,700 -
12,999
-
62,425 -
1,15,909 -
93,635 -
75,804 -
9,999 -
11,999 -
3,999 -
2,500 -
3,599 -
8,893
