‘iLeakage’ Attack Can Force Apple Safari To Reveal Passwords


A group of academic researchers has developed a speculative execution attack named “iLeakage” that can extract sensitive data, such as passwords and emails, on recent Apple devices via the Safari web browser.

iLeakage has been developed by a team of academics from Georgia Tech, the University of Michigan, and Ruhr University Bochum after extensive examination of Safari’s side-channel resilience. They have also published a paper and website warning users about the threat.

Read more…
Source: TechWorm