Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News
Whatsapp

Researchers Rename iPhone, Tesla to Reveal Remote Server Details

IANS
IANS
Meet the voice behind Indo-Asian News Service (IANS), a storyteller navigating the currents of global events with precision and depth. Crafting narratives that bridge cultures, IANS brings you the pulse of the world in every word

Cyber security researchers have discovered that changing the device name of an iPhone or a Tesla in the settings reveals remote server details, indicating that the server at the other end is vulnerable to the most serious Internet bug called ‘Log4Shell’.

In demonstrations, researchers changed the device names to a “string of characters” that would send servers to a testing URL, reports The Verge.

“After the name was changed, incoming traffic showed URL requests from IP addresses belonging to Apple and, in the case of Tesla, China Unicom — the company’s mobile service partner for the Chinese market,” the report said late on Monday.

The team of researchers actually tricked Apple and Tesla servers into visiting a URL of their choice.

A Dutch security researcher demonstrated the iPhone server details.

“An attacker could host malicious code at the target URL in order to infect vulnerable servers, but a well-maintained network could prevent such an attack at the network level,” the report noted.

Cyber security researchers have warned that hackers make over 100 attempts every minute to exploit a critical security vulnerability in the widely-used Java logging system called ‘Apache log4j2’, leaving millions of companies globally at risk of cyber theft.

Several popular services, including Apple iCloud, Amazon, Twitter, Cloudflare, and Minecraft, are vulnerable to this ‘ubiquitous’ zero-day exploit, now dubbed as one of the most serious vulnerabilities on the Internet in recent years.

‘Apache Log4j’ is used in many enterprise and open-source software forms, including cloud platforms, web applications, and email services.

Apache Log4j is the most popular Java logging library with over 400,000 downloads from its GitHub project. It is used by a vast number of companies worldwide, enabling logging in a wide set of popular applications.

“Exploiting this vulnerability is simple and allows threat actors to control java-based web servers and launch remote code execution attacks,” cyber security researchers said in a blog post.

Researchers at Microsoft have also warned about attacks attempting to take advantage of ‘Log4j’ vulnerabilities, including a range of crypto-mining malware.

Recomended

Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

More from this topic