IEEE Computer Society Newsfeed

Subscribe RSS

« Back

Apple Security Exploit Uncovered

Almost immediately after rolling out new two-step verification security, Apple discovered a vulnerability that could enable hackers to easily reset an account password via its iForgot service using only the user’s e-mail and date of birth. Any user who had not enabled two-factor authentication was not vulnerable. The exploit for bypassing the security questions was detailed and widely shared online. It had reportedly originated with a Chinese-language hacking website, although it was later published in English. The new security was intended to protect Apple ID and iCloud account users, including iTunes. The new security is available in the US, UK, Australia, Ireland, and New Zealand. Apple claims the vulnerability has been fixed. (The Verge)(ZDNet)

Trackback URL: