Apple plugs IoT HomeKit hole [source: nakedsecurity]

by CIRT Team

Apple just can’t seem to get away from the theme of security flaws right now.

Last month it was the macOS 10.13 root password issue, hot on the heels of the news that the iPhone’s X’s much-vaunted Face ID authentication could be bypassed using a prosthetic mask.

And it only seems fair to mention the small matter of the ‘show your password hint in encrypted APFS volumes’ issue macOS High Sierra users were told about in October.

Even Google’s Project Zero has got in on the act, publishing news of a jailbreaking proof-of-concept for iOS and macOS that seemed designed to draw attention to unexpected weaknesses in once-impregnable Apple software.

Now a researcher has discovered that Apple’s HomeKit Internet of Things (IoT) framework has a vulnerability serious enough to allow an attacker to control IoT devices using its protocol, such as thermostats, lights, power points, air conditioners, as well as smart home locks and garage door openers.

For more, click here.

CIRT Team

Recommended Posts

Training on cybersecurity awareness for Department of Women Affairs

25 Nov 2023 - Articles, English articles, News, News Clipping, Service

BGD e-GOV CIRT এর আয়োজনে আয়োজনে আর্থিক প্রতিষ্ঠান ও CII সমূহের সাইবার ড্রিল ২০২৩ চূড়ান্ত পর্ব অনুষ্ঠিত

22 Oct 2023 - Articles, Bangla Articles, CIRT In Media, News, News Clipping

WhatsApp down for millions of users globally: App not working for group and individual chats; Twitter gets flooded with memes

25 Oct 2022 - News, News Clipping