Hacking is one of
the well-known and threatening issues nowadays. Hackers can infiltrate even the biggest companies like Sony.
Series of denial of
service (DoS) attacks recently happened to various organizations and companies'
websites and their servers.
But this kind of
attack doesn't only happen to websites, it is recently proven by the mobile
security firm Skycure that it is possible to attack iOS devices.
Researchers from
Skycure discovered by generating a doctored SSL certificate, attackers can
regenerate a bug and cause apps that perform SSL communication to crash at
will. As SSL is a security best practice and is utilized in almost all apps in
the Apple app store, the attack surface is very wide. Any delay in patching the
vulnerability could lead to a serious business impact: an organized denial of
service (DoS) attack can lead to big losses.
Even worse, under
certain circumstances, Skycure managed cause devices to constantly reboot
itself, rendering it basically useless.
The hack occurs
through WiFi. If your iOS device connects to any unsecured WiFi hotspots, then
you are a possible victim. In fact, even if you don't allow unsecured
connections, you could still be a victim.
Skycure had
previously revealed another iOS vulnerability called WiFiGate, wherein an
attacker could force your iOS device to connect to their network.
If the recently
discovered WiFi hack will be combined with WifiGate, the effect can be very
dreadful to iOS users. It could create a
"No iOS Zone", as Skycure calls it, a dead zone where all iOS devices
are affected by the hack, rendering them useless.
Skycure said that a
victim should get his/her device physically out of the range of attacking
hotspot(s). The public should also keep in mind that a sophisticated attacker
may be able to cover a large area.
Skycure is
currently working with Apple to fix the vulnerabilities but until they do, you
might want to keep a very close watch on suspicious Wi-Fi hotspots.
Corliss Expert Group in Home Security consists of dedicated experts working and doing research in home
security to provide consumers with efficient security systems that help them
save time and money. Corliss security-reviews are developed with the goal of
assisting consumers make wise decisions in spite of the conflicting information
they get online. We concentrate mainly on delivering substantial advice on the
home-security system industry with the interests of the end-users always as the
top priority.
No comments:
Post a Comment