Lessons learned from the iPhone call recording app vulnerability

10 May 2021

News quickly spread about a vulnerable call recording app for iPhone named “Call Recorder,” or “Acr call recorder,” as its listing in the Apple App Store states. TechCrunch was the first outlet to flag a design flaw with the mobile application’s API when it obtained call recordings from AWS S3 cloud storage to prove it was insecure and therefore open to API-based attacks. The weaknesses exhibited by the mobile app represent a vital shift occurring in cybersecurity towards the importance of the protection and hardening of APIs. From this instance alone, we can learn a number of valuable lessons as API attacks are set to rise drastically this year.

Read full article on Security Magazine

Date:

10 May 2021

Categorie(s):

NEWS

Tag(s):

Apple, iOS, iPhone, Lessons, Mobile Development

Russia’s Sandworm APT linked to attack on Texas water plant18 April 2024
Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control18 April 2024
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads18 April 2024
Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million18 April 2024
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade18 April 2024