HackDig : Dig high-quality web security articles for hacker

IOS Forensics

1. INTRODUCTIONDay by day, Smart phones and tablets are becoming popular, and hence technology used in development to add new features or improve the security of such devices is advancing too fast. iPhone and iPod are the game changer products launched by Apple. Apple operating system (IOS) devices started growing popular in the mobile world. Latest Sm
Publish At:2017-07-26 05:50 | Read:395 | Comments:0 | Tags:Forensics IOS

Zimperium zLabs iOS Security Advisories

As part of zLab’s platform research team, I’ve tried to investigate an area of the kernel that wasn’t thoroughly researched before.  After digging into some of Apple’s closed-source kernel modules, one code chunk led to another and I’ve noticed a little-known module, which I’ve never seen before, called AppleAVE. AppleAVE 
Publish At:2017-07-21 00:15 | Read:300 | Comments:0 | Tags:iOS Threat Research AppleAVE vulnerability IOS

APPLE-SA-2017-07-19-1 iOS 10.3.3

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-07-19-1 iOS 10.3.3iOS 10.3.3 is now available and addresses the following:ContactsAvailable for: iPhone 5 and later, iPad 4th generation and later,and iPod touch 6th generationImpact: A remote attacker may be able to cause unexpected applicationtermination or arbitrary code executionDescription: A
Publish At:2017-07-20 22:22 | Read:241 | Comments:0 | Tags: IOS

Apple iOS Malware Growth Outpaces that of Android

Number of iOS devices running malicious apps more than tripled in three consecutive quarters, while infected Android devices remained largely flat, report shows.iPhones and other devices running Apple's iOS have seen a jump in malicious apps attacking them while Android malware infections have remained largely stable, according to a report released today by
Publish At:2017-07-19 02:21 | Read:179 | Comments:0 | Tags: IOS

CISCO issues security patches for nine serious RCEs in SNMP subsystem in IOS and IOS XE

Cisco has fixed nine serious remote code execution flaws in the SNMP subsystem running in all the releases of IOS and IOS XE software. The tech giant publicly disclosed the vulnerability on June 29 and provided workarounds, not it is notifying customers about the availability of security patches. The nine issues, that have been tracked with codes from CVE-20
Publish At:2017-07-15 13:05 | Read:480 | Comments:0 | Tags:Breaking News Hacking Security CISCO Cisco IOS Software iOS

Zero Packet Inspection

Introduction In this blogpost I describe the history of z9, our detection engine. I will show its performance over reference data sets commonly used in the machine learning community. I’ll then describe how we apply it to detect networks attacks without any type of packet inspection. Eventually, we encourage you to participate by helping us gather and
Publish At:2017-07-11 22:35 | Read:397 | Comments:0 | Tags:0-Packet Android iOS Machine Learning Mobile Malware Mobile

Self-Service Food Kiosk Vendor Avanti Hacked

Avanti Markets, a company whose self-service payment kiosks sit beside shelves of snacks and drinks in thousands of corporate breakrooms across America, has suffered of breach of its internal networks in which hackers were able to push malicious software out to those payment devices, the company has acknowledged. The breach may have jeopardized customer cred
Publish At:2017-07-08 23:50 | Read:330 | Comments:0 | Tags:Other Avanti Markets breach biometric Noah Dunker P2PE Risk

Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices

Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing. Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while c
Publish At:2017-06-30 23:15 | Read:380 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco IOS Software iOS SNMP IOS

More Mobile Apps Means More Man-in-the-Middle Attacks

When you travel outside your corporate network with your mobile device, you are much more vulnerable to man-in-the-middle (MitM) attacks. This is how attackers intercept data as it’s being passed from a mobile device to a server. Of course, this is problematic for a number of reasons. CSO Online demonstrated how easy it is to steal all sorts of informa
Publish At:2017-06-21 17:10 | Read:506 | Comments:0 | Tags:Endpoint Mobile Security Application Security Bring-Your-Own

Apple iOS Threats Fewer Than Android But More Deadly

Data leakage and corruption haunt iOS and Android mobile apps the most, a new study shows.Apple's iOS mobile platform suffers fewer cyberattacks than Google's Android, but a new study shows that when iOS does get hit, the attacks are more severe.Pradeo's biannual mobile applications threat review report, released today, examines the mobile threat landscape b
Publish At:2017-06-20 17:00 | Read:553 | Comments:0 | Tags: IOS

CVE-2017-8083 CompuLab IntensePC lacks BIOS Write Protection

Credits: Hal MartinWebsite: watchmysys.comSource: https://watchmysys.com/blog/2017/06/cve-2017-8083-compulab-intensepc-lacks-bios-wp/Vendor:====================CompuLab (compulab.com)Product:====================Intense PC / MintBox 2Vulnerability type:====================Write-protection not enabled on system firmwareCVE Reference:====================CVE-201
Publish At:2017-06-06 10:10 | Read:317 | Comments:0 | Tags: IOS

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: https://support.apple.com/en-us/HT207617 Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (passwor
Publish At:2017-05-25 16:50 | Read:611 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense N-Day Threat Resea

Mimosa Wireless Radios - RCE, DoS, and Local File Disclosure Vulnerabilities

[+] Credits: Ian Ling[+] Website: iancaling.com[+] Source: http://blog.iancaling.com/post/160596244178Vendor:=================http://mimosa.coProducts:======================Access Points (e.g. A5) <2.2.3Client Radios (e.g. C5) <=2.2.3Backhaul Radios (e.g. B5) <=2.2.3Vulnerability Types:===================Remote Command Execution (RCE), Denial of Ser
Publish At:2017-05-15 15:20 | Read:579 | Comments:0 | Tags: IOS

APPLE-SA-2017-05-15-2 iOS 10.3.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-05-15-2 iOS 10.3.2iOS 10.3.2 is now available and addresses the following:AVEVideoEncoderAvailable for: iPhone 5 and later, iPad 4th generation and later,and iPod touch 6th generationImpact: An application may be able to gain kernel privilegesDescription: A memory corruption issue was addressed wit
Publish At:2017-05-15 15:20 | Read:738 | Comments:0 | Tags: IOS

SEC Consult SA-20170510-0 :: Insecure Handling Of URI Schemes in Microsoft OneDrive iOS App

A short demo video is available here:https://youtu.be/0jZdM9peVSkSEC Consult Vulnerability Lab Security Advisory < 20170510-0 >======================================================================= title: Insecure Handling Of URI Schemes product: Microsoft OneDrive iOS App vulnerable version: 8.13 fixed version: 8.14
Publish At:2017-05-14 02:30 | Read:478 | Comments:0 | Tags: IOS

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud