Total Tests:

Wormable Apple iCloud Bug Allows Automatic Photo Theft

By Elizabeth Montalbano for Threatpost
Friday, October 9, 2020

The team was ultimately able to create a proof of concept that demonstrated code that steals all of the victim’s personal iCloud information (photos, calendar information and documents) then forwards the same exploit to all of their contacts.

Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, said that the success of the bounty-hunters should be a wake-up call.

“Unfortunately, there is no warranty that these vulnerabilities have not been exploited by sophisticated threat actors to silently compromise VIP victims,” he said via email. “Worse, likely more similar vulnerabilities exist undiscovered and may be known to hacking groups that make a lot of money by their exploitation. Modern web applications open the door to corporate networks with the most critical information, and their breach can be fatal for a company.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential