New keylogging security flaw found in iOS 7


Gigaom

Apple(s aapl) just patched a serious SSL vulnerability flaw in iOS 7 last week, but that doesn’t appear to the end of its mobile security problems. Ars Technica pointed Tuesday to a blog post from security company FireEye that shows a new security flaw in iOS 7 that could allow certain apps to log your keystrokes as they run in the background.

Here are the details according to FireEye:

“We have created a proof-of-concept “monitoring” app on non-jailbroken iOS 7.0.x devices. This “monitoring” app can record all the user touch/press events in the background, including touches on the screen, home button press, volume button press and TouchID press, and then this app can send all user events to any remote server, as shown in Fig.1. Potential attackers can use such information to reconstruct every character the victim inputs.

Note that the demo exploits the latest 7.0.4 version of iOS system…

View original post 238 more words

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s