Several state agencies targeted by malware threat
Full coverage |
Full coverage |
Full coverage |
Apple has purged its iOS App Store of several titles that it said had the ability to compromise encrypted connections between end users and the servers they connect to. The company advised users to uninstall the apps from their iPhones and iPads to prevent potentially harmful monitoring, but it has yet to name any of the offending titles.
“Apple has removed a few apps from the App Store that install root certificates that could allow monitoring of data,” company officials wrote in an advisory posted Friday. “This monitoring could be used to compromise SSL/TLS security solutions. If you have one of these apps installed on your device, delete both the app and its associated configuration profile to make sure your data remains protected.”
Apple representatives didn’t respond to an e-mail seeking the names of the offending apps and an explanation of why they weren’t identified. This post will be updated if they reply later.
A hacker group called the Syrian Electronic Army (SEA) scared visitors to several news websites on Thursday by posting rogue pop-up messages saying they’d been hacked.
According to reports from users on Twitter the affected sites included those of CNBC, Forbes, the Chicago Tribune, OK magazine, the Evening Standard, PCWorld, The Daily Telegraph and The Independent.
Not all visitors to those sites have seen the pop-up messages, which read “You’ve been hacked by the Syrian Electronic Army (SEA)” and in many cases the incident was reported by mobile users.
SEA does not appear to have actually hacked the affected websites directly, but instead pulled off the attack through Gigya, a customer identity management platform used by a large number of brands. The group posted a screen shot on Twitter from inside the control panel for the Gigya.com domain at GoDaddy, suggesting that they had control over the account.
To read this article in full or to leave a comment, please click here