News Highlights: Researcher Violates Apple, Microsoft and Others with Installer
A security researcher hacked into the internal systems of large companies such as Apple, Microsoft, PayPal, and others with a supply chain attack he called “dependency confusion.”
The attack exploited a flaw inherent in many popular installers used by developers for packages and dependencies. By uploading malware to open source repositories, researcher Alex Birsan was able to trick these installers into downloading his malicious code, according to a write down he posted on Medium.
Apple told the researcher that the vulnerability could have been used to execute remote code on Apple servers. When asked if an attacker could have injected loopholes into Apple ID, Birsan said that “reaching a backdoor in an operational service requires a more complex sequence of events and is a very specific term with additional connotations.”
The Cupertino …
Read more from Source
Copyright @ appleinsider.com
- Check the latest Gaming news updates and information about games.
- Please share this news Researcher Violates Apple, Microsoft and Others with Installer with your friends and family to support us your one share helps us a lot.
- Follow us on Facebook and Twitter if you need more updates like this.