Apple iOS Phishing Vulnerability Discovered
Researcher Nitesh Dhanjani says the flaw stems from the ability to push the iPhone browser's address bar out of view.
A security researcher is warning of a vulnerability in Apple's iOS that enables malicious web pages to pose as secure, trusted sites.
"The weakness stems from the ability of web developers to display pages on iPhones that push the address bar out of view, researcher Nitesh Dhanjani wrote in a blog post that demonstrates the problem," writes The Register's Dan Goodin. "It shows a version of mobile Safari visiting a page on Dhanjani's website that looks remarkably similar to the log-in page of BankofAmerica.com, including what appears to be the Secure Sockets Layer imprimatur certifying the page is authentic."
"Dhanjani said he alerted members of Apple's security team to the threat and they indicated they weren't likely to make changes anytime soon," Goodin writes.
Click here to read the article at The Register.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.