Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 2 April, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Apple releases patch for SSL weaknesses in iOS

by The Gurus
February 24, 2014
in Editor's News
Share on FacebookShare on Twitter

On Friday, Apple  released a patch for quite a substantial security vulnerability in its iOS operating system that meant hackers could read an modify encrypted communications on iPhone, iPad and other iOS devices. In an email to IT Security Guru, Mark Bower, VP at Voltage Security answers some important questions about what users should be aware of.
What’s the meaning of the flaw and what do users need to do now?
The flaw basically means a critical check on the validity of a server’s SSL certificate is ignored when an app is establishing a secure connection. That might be your electronic banking application, your email, or a browser. This means that for quite some time, attackers with knowledge of this bug had the ability to mount man-in-the middle attacks to users operating Apple devices.
This could have allowed interception or modification of SSL communications which are supposed to be private and encrypted. The impact is to the many commonly use browsers, email clients, instant messaging clients, social network apps and so on.
The bug has been fixed  in the latest iOS release, but the current Mac OS X also appears to have the flaw and until a patch is available, OS X based laptops, desktops and servers are vulnerable.
Should they download the patch?
They should patch immediately. This is a major bug that puts users’ sensitive data like login credentials, passwords, email, and browsing data at risk. When Apple releases for OS X, users should patch at their earliest opportunity. Until then, users should be very wary of accessing web content that is sensitive, especially on a network that attackers may also be on at the same time – which is more often than you might think.
What else?
Even the best companies can make mistakes. In this case a major flaw persisted for a long time. Using solutions for data protection from leading experts in data security who use secure software development practices, security validation and independent tests can help avoid this kind of situation when selecting tools for enterprise data protection.
 

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Samsung and Zscaler Announce Enterprise-Ready Mobile Security Solution

 Next Post

HP & AlienVault Use Threat Intelligence Sharing to Strengthen Defense

Recent News

Data Privacy Day: Securing your data with a password manager

For Cybersecurity, the Tricks Come More Than Once a Year

March 31, 2023
cybersecurity training

Only 10% of workers remember all their cyber security training

March 30, 2023
Pie Chart, Purple

New API Report Shows 400% Increase in Attackers

March 29, 2023
Cato Networks delivers first CASB for instant visibility and control of cloud application data risk

Cato Networks Recognised as Leader in Single-Vendor SASE Quadrant Analysis

March 29, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information