Apple iPhone Security

Like the old adage that ‘he who rides a tiger is afraid to dismount,’ enterprises today are bounding along on the back of a particularly large and fearsome tiger. It’s called “consumer technology” and its shape is outlined by the myriad of devices and services that modern information workers are bringing to work and using – or want to use – to get their jobs done.

eBay’s PayPal online payment division is rushing a software patch to users of its iPhone mobile payments application to plug a hole that leaves users vulnerable to man-in-the-middle and phishing attacks, but the firm that found that hole said transaction security is just one problem facing the mobile payments application.

It’s possible to craft a malicious website so that a user’s clicks are
secretly redirected to a legitimate site in a way that steals a user’s
passwords and other data. Many Web developers have added protections to
block the tactic on standard websites, but Stanford University
researchers warn that there are not nearly enough defenses against the
technique on mobile websites. Read the full article. [Technology Review]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.