A security researcher says a vulnerability in Apple’s mobile email application could be used to trick someone into divulging their iCloud password.
Prague-based Jan Soucek published proof-of-concept code that shows how he could send an email to someone with HTML code that resembles the iCloud login pop-up window. Soucek then receives an email containing the password.
The vulnerability allows remote HTML content to be loaded in an email, which replaces the content of the email message. Soucek wrote he then built a functional password collector using HTML and CSS. He also published a demonstration video.
To read this article in full or to leave a comment, please click here
more: http://wp.me/p55gzU-h7j.
Keine Kommentare:
Kommentar veröffentlichen