HackDig : Dig high-quality web security articles for hacker

APPLE-SA-2017-09-19-1 iOS 11

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-09-19-1 iOS 11iOS 11 is now available and addresses the following:Exchange ActiveSyncAvailable for: iPhone 5s and later, iPad Air and later,and iPod touch 6th generationImpact: An attacker in a privileged network position may be able toerase a device during Exchange account setupDescription: A vali
Publish At:2017-09-21 20:36 | Read:102 | Comments:0 | Tags: IOS

APPLE-SA-2017-09-20-1 Additional information for APPLE-SA-2017-09-19-1 iOS 11

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-09-20-1 Additional information for APPLE-SA-2017-09-19-1 iOS 11iOS 11 addresses the following:Exchange ActiveSyncAvailable for: iPhone 5s and later, iPad Air and later,and iPod touch 6th generationImpact: An attacker in a privileged network position may be able toerase a device during Exchange acco
Publish At:2017-09-21 20:36 | Read:70 | Comments:0 | Tags: IOS

iXintpwn/YJSNPI Abuses iOS’s Config Profile, can Crash Devices

by Hara Hiroaki, Higashi Yuka, Ju Zhu, and Moony Li While iOS devices generally see relatively fewer threats because of the platform’s walled garden approach in terms of how apps are installed, it’s not entirely unbreachable. We saw a number of threats that successfully scaled the walls in 2016, from those that abused enterprise certificates to ones th
Publish At:2017-09-19 00:55 | Read:87 | Comments:0 | Tags:Mobile Apple iOS iOS Configuration Profile iXintpwn YJSNPI I

SEC Consult SA-20170913-1 :: Local File Disclosure in VLC media player iOS app

SEC Consult Vulnerability Lab Security Advisory < 20170913-1 >======================================================================= title: Local File Disclosure product: VLC media player iOS app vulnerable version: 2.7.8 fixed version: 2.8.1 CVE number: - impact: Medium homepage: https://itun
Publish At:2017-09-13 09:40 | Read:158 | Comments:0 | Tags: IOS

Zimperium researcher released an iOS Kernel Exploit PoC

Zimperium Researcher Adam Donenfeld released an iOS Kernel Exploit PoC that can be used to gain full control of iOS mobile devices. Researcher Adam Donenfeld of mobile security firm Zimperium published a Proof-of-concept (PoC) for recently patched iOS vulnerabilities that can be chained to gain full control of iOS mobile devices. The expert called the PoC ex
Publish At:2017-08-28 14:00 | Read:237 | Comments:0 | Tags:Breaking News Hacking Mobile Apple iOS Kernel Exploit kernel

Cisco IOS vulnerabilities open Rockwell Industrial Switches to attacks

Vulnerabilities in Cisco IOS expose Rockwell Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches to remote attacks. Some models of the Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches are exposed to remote attacks due to security flaws in Cisco’s IOS software. According to the security alert issued by ICS-CERT, an authentic
Publish At:2017-08-26 06:45 | Read:271 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco IOS Software iOS SNMP IOS

Apple iOS Exploit Takes Complete Control of Kernel

Researcher demonstrates 'severe' ZIVA exploit at Hack in the Box.Multiple vulnerabilities in the AppleAVEDriver when linked together create an opportunity to launch an iOS exploit that can take full control of the iOS kernel, security researcher Adam Donenfeld of Zimperium's zLabs revealed today.Donenfeld, who today demonstrated the exploit at the&
Publish At:2017-08-25 05:30 | Read:207 | Comments:0 | Tags: IOS exploit

ziVA: Zimperium’s iOS Video Audio Kernel Exploit

Follow @doadam Following my previous post, I’m releasing ziVA: a fully chained iOS kernel exploit that (should) work on all the iOS devices running iOS 10.3.1 or earlier. The exploit itself consists of multiple vulnerabilities that were discovered all in the same module: AppleAVEDriver. The exploit will be covered in depth in my HITBGSEC talk held on August
Publish At:2017-08-24 04:35 | Read:313 | Comments:0 | Tags:iOS Threat Research IOS exploit

iOS 11 in the Enterprise: Get Your iPads Ready

While some are in back-to-school mode and others are getting ready for football, we’re gearing up for the latest mobile operating systems to hit the market. With the Apple iOS 11 release right around the corner, the time is now for IT and security leaders to zero in on their Apple iOS management strategy to prepare for the myriad changes set to affec
Publish At:2017-08-23 22:25 | Read:241 | Comments:0 | Tags:Mobile Security Apple apple releases Enterprise Mobility iOS

Apple iOS 10.3 - UI SMS Access Permission Vulnerability

Document Title:===============Apple iOS 10.3 - UI SMS Access Permission VulnerabilityReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2078Apple Security ID: 666589482Video: https://www.vulnerability-lab.com/get_content.php?id=2079Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2017/08/14/apple-
Publish At:2017-08-16 10:20 | Read:320 | Comments:0 | Tags: IOS Vulnerability

Google adds Anti-Phishing feature also to Gmail app for iOS

To fight phishing attacks, Google has introduced a security measure for its Gmail app for iOS that will help users identify and delete phishing emails. Phishing continues to be one of the most dangerous threats, crooks continue to devise new techniques to trick victims into providing sensitive information. The technique is still the privileged attack vector
Publish At:2017-08-15 15:40 | Read:340 | Comments:0 | Tags:Breaking News Mobile Security Cybercrime Gmail Gmail app for

ZPI: One approach to rule them all

Introduction In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works “Adaptation in Natural and Artificial Systems” set the bases of genetic algorithms. The release date of this blogpost is strongly linked to that book, it is a symbolic tribute to its author, John Henry Holland, who passed out
Publish At:2017-08-10 08:55 | Read:336 | Comments:0 | Tags:Android iOS Mobile security Mobile Threat Defense Windows Ze

Jailbreak versus Compromise…

We see a lot of confusion in the market about precisely what it means to jailbreak a device–and that confusion could lead to serious problems, especially with regard to the notion of a hacker performing a jailbreak to attack a device. The security industry is notoriously full of acronyms, buzzwords and generally opaque jargon. Here at Zimperium, we try
Publish At:2017-08-08 13:55 | Read:338 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense Exploit jailbreak

Apple removed iOS VPN apps from Chinese App Store in compliance to censorship law

In compliance with Chinese Internet monitoring law, Apple has started removing all IOS VPN apps from it App Store in China. The company complies with a request from the Chinese Government that wants to strict censorship making it harder for netizens to bypass the Great Firewall system (aka Golden Shield project). The Golden Shield project allows China to c
Publish At:2017-07-30 11:50 | Read:374 | Comments:0 | Tags:Breaking News Digital ID Laws and regulations Apple Censorsh

Broadcom Chipset Bug in Android, iOS Smartphones Allows Remote Attack

Security researcher found a common flaw in Android and iOS smartphone chipsets that could allow a remote exploit to be unleashed on millions of devices.BLACK HAT – Las Vegas - Android and iOS smartphones loaded with a Broadcom Wi-Fi chipset offer attackers a common means to launch a remote exploit that could affect millions of users, according to a pre
Publish At:2017-07-27 21:45 | Read:199 | Comments:0 | Tags: IOS

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud