Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum

News 

$100,000 Bounty Apple Zero-day Bug in “Sign in with Apple” Let Hackers Take Takeover

0 Replies, 1737 Views

In The Name OF Allah
Al-Salam Alekum

[Image: Sign+in+with+Apple.jpg]

Hello guys, Coming back after a break Smile  Looks like apple is very cute Big Grin 
Quote:Indian Security researcher found a critical Zero-day vulnerability in “Sign in with Apple” let hackers take over the third-party application accounts by just having their Email ID.


Very Similar to OAuth 2.0, Apple’s “sign in with Apple” helping the user to sign in to their third-party apps and websites faster using their Apple ID without filling out forms, verifying email addresses.

This feature is using million of Apple users to sign in their Third-party apps such as Dropbox, Spotify, Airbnb, Giphy, and the bug considering as “Critical” as it could have allowed full account takeover by the remote attackers.

Bhavuk Jain , Security Researcher from India reported this critical vulnerability to Apple said: “Successfully exploitation of the bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.”
 
The Source

Thank you Smile
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Top tip, everyone: Chinese hackers are hitting these 25 vulns, so make sure you patc News 0 1,805 10-21-2020, 11:27 AM
Last Post: News
Star News US Warns: Hackers Chaining Zerologon, Other Vulnerabilities News 0 1,851 10-11-2020, 01:15 PM
Last Post: News
Exclamation News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely Mr.Kurd 0 1,688 06-12-2020, 08:24 AM
Last Post: Mr.Kurd
Star News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial Mr.Kurd 0 1,942 04-08-2020, 08:43 AM
Last Post: Mr.Kurd
Smile News A Hacker Found a Way to Take Over Any Apple Webcam Mr.Kurd 0 1,890 04-04-2020, 10:57 AM
Last Post: Mr.Kurd
Question News Windows Running MS-SQL Servers Under Attack!! Hackers Installing 10 Secret Backdoors Mr.Kurd 0 1,528 04-02-2020, 08:38 AM
Last Post: Mr.Kurd
Sad News Critical RCE Bug in WordPress Plugin Let Hackers Gain Admin Access on 200,000 Website Mr.Kurd 0 1,500 04-01-2020, 11:19 AM
Last Post: Mr.Kurd
Exclamation News Hackers Deliver LimeRAT Malware Using Password Protected Excel Spreadsheet’s Mr.Kurd 0 1,637 04-01-2020, 11:17 AM
Last Post: Mr.Kurd
Shocked News Hackers Using Zoom’s Popularity in Coronavirus Outbreak to Infect Computers Mr.Kurd 0 1,678 03-31-2020, 07:36 AM
Last Post: Mr.Kurd
Exclamation News Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn Mr.Kurd 0 1,924 03-24-2020, 07:56 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)