Following on from my previous post on how iOS apps are accessing and uploading contact data, it's now been reported there are permission issues with an app that can access the iOS photo library. A test app was developed called PhotoSpy which was commissioned by The New York Times. The PhotoSpy app requires the user to allow access to location data (and only once), but the app can also gain access via stealth to the photo library and upload the user's entire photo library to a cloud storage environment, without any further notification.
The main cause for concern was of course that this app did not ask for permission to access and upload the photo libraries. Thankfully, this app was never published on the App Store, and I doubt it would have been. Read more...
Author
- BlogSeptember 23, 2023Leveraging AI in Cybersecurity: Transforming Threat Detection, Prevention, and Beyond
- BlogAugust 24, 2023How Simply Browsing The Internet Gives Scammers An Advantage – And What You Can Do About It
- BlogJuly 1, 2022WEF - WiFi Exploitation Framework
- BlogMay 19, 2022Osmedeus is a Workflow Engine for Offensive Security