![]() ![]() This is how even supposedly securely stored passwords could be hacked. "We also showed that the attacker could automatically use the login data stored in the password manager LastPass if the auto-fill option is enabled," says Yuval Yarom. Or they can open other websites, for example the login page of the user's bank. If a user visits the attacker's website, the attacker can open the user's email app in a new window and read the contents of the inbox. His advice: "As always, the rule is that you should only click on trustworthy sites." "Users can't tell that they've landed on such a page," explains Yuval Yarom from the Faculty of Computer Science at Ruhr University Bochum. In order to execute the new attack called "iLeakage," attackers must first direct users to a website that they control. Gaining access to passwords and email accounts They will present their findings at the Conference on Computer and Communications Security (CCS), which will take place in Copenhagen from 26 to 30 November 2023. The project was conducted jointly by Professor Yuval Yarom from the Cluster of Excellence "Cyber Security in the Age of Large-Scale Adversaries" (CASA) in Bochum, Jason Kim and Associate Professor Daniel Genkin from Georgia Tech and Stephan van Schaik from the University of Michigan. On the website, the researchers report about the vulnerability, available updates and how they can be enabled. ![]() Apple has released first software updates that aim at fixing the vulnerability and continues to work on further updates. Still, researchers showed even in 2023 that Mac and iOS systems are not yet adequately protected against this type of attack.Ī team from Ruhr University Bochum (Germany), Georgia Tech and the University of Michigan showed that they could exploit the hardware vulnerability to gain access to passwords, emails and location data via the Safari browser. In response, manufacturers developed countermeasures-Apple was one of them. A great number of devices and operating systems were affected. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |