HackDig : Dig high-quality web security articles for hacker

More Mobile Apps Means More Man-in-the-Middle Attacks

When you travel outside your corporate network with your mobile device, you are much more vulnerable to man-in-the-middle (MitM) attacks. This is how attackers intercept data as it’s being passed from a mobile device to a server. Of course, this is problematic for a number of reasons. CSO Online demonstrated how easy it is to steal all sorts of informa
Publish At:2017-06-21 17:10 | Read:221 | Comments:0 | Tags:Endpoint Mobile Security Application Security Bring-Your-Own

Apple iOS Threats Fewer Than Android But More Deadly

Data leakage and corruption haunt iOS and Android mobile apps the most, a new study shows.Apple's iOS mobile platform suffers fewer cyberattacks than Google's Android, but a new study shows that when iOS does get hit, the attacks are more severe.Pradeo's biannual mobile applications threat review report, released today, examines the mobile threat landscape b
Publish At:2017-06-20 17:00 | Read:243 | Comments:0 | Tags: IOS

CVE-2017-8083 CompuLab IntensePC lacks BIOS Write Protection

Credits: Hal MartinWebsite: watchmysys.comSource: https://watchmysys.com/blog/2017/06/cve-2017-8083-compulab-intensepc-lacks-bios-wp/Vendor:====================CompuLab (compulab.com)Product:====================Intense PC / MintBox 2Vulnerability type:====================Write-protection not enabled on system firmwareCVE Reference:====================CVE-201
Publish At:2017-06-06 10:10 | Read:205 | Comments:0 | Tags: IOS

NDAY-2017-0101: iCloud Information Leak

By: Zuk Avraham Follow Zuk Avraham (@ihackbanme) Nicolas Trippar Follow Nicolas Trippar (@ntrippar) zNID: NDAY-2017-0101 CVE: Unknown Type: Information Disclosure Platform: iOS < 10.3 Device type: iPhone, iPod iOS bulletin: https://support.apple.com/en-us/HT207617 Public release date: 25th of May, 2017 Credit: Anonymous Download Exploit (passwor
Publish At:2017-05-25 16:50 | Read:364 | Comments:0 | Tags:iOS Mobile security Mobile Threat Defense N-Day Threat Resea

Mimosa Wireless Radios - RCE, DoS, and Local File Disclosure Vulnerabilities

[+] Credits: Ian Ling[+] Website: iancaling.com[+] Source: http://blog.iancaling.com/post/160596244178Vendor:=================http://mimosa.coProducts:======================Access Points (e.g. A5) <2.2.3Client Radios (e.g. C5) <=2.2.3Backhaul Radios (e.g. B5) <=2.2.3Vulnerability Types:===================Remote Command Execution (RCE), Denial of Ser
Publish At:2017-05-15 15:20 | Read:293 | Comments:0 | Tags: IOS

APPLE-SA-2017-05-15-2 iOS 10.3.2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-05-15-2 iOS 10.3.2iOS 10.3.2 is now available and addresses the following:AVEVideoEncoderAvailable for: iPhone 5 and later, iPad 4th generation and later,and iPod touch 6th generationImpact: An application may be able to gain kernel privilegesDescription: A memory corruption issue was addressed wit
Publish At:2017-05-15 15:20 | Read:383 | Comments:0 | Tags: IOS

SEC Consult SA-20170510-0 :: Insecure Handling Of URI Schemes in Microsoft OneDrive iOS App

A short demo video is available here:https://youtu.be/0jZdM9peVSkSEC Consult Vulnerability Lab Security Advisory < 20170510-0 >======================================================================= title: Insecure Handling Of URI Schemes product: Microsoft OneDrive iOS App vulnerable version: 8.13 fixed version: 8.14
Publish At:2017-05-14 02:30 | Read:312 | Comments:0 | Tags: IOS

The Security Weaknesses of the iOS: The Aisi Helper, Sandjacking, and Image Threats

IntroductionAs we have eluded in other articles, the world of Information Technology and all of its related hardware and software applications are growing at a very fast pace. In fact, it is so fast that even the consumer, the business, or even the corporation simply cannot keep with this pace. It seems like that hardly one new technology is being adop
Publish At:2017-05-05 19:55 | Read:371 | Comments:0 | Tags:Application Security IOS

Apple iOS 10.2 & 10.3 - Control Panel Denial of Service Vulnerability

Document Title:===============Apple iOS 10.3 - Control Panel Denial of Service VulnerabilityReferences:===========https://www.vulnerability-lab.com/get_content.php?id=2059Video: https://www.youtube.com/watch?v=MSscCLATxPQRelease Date:=============2017-04-27Vulnerability Laboratory ID (VL-ID):====================================2059Common Vulnerability Scorin
Publish At:2017-04-28 15:20 | Read:505 | Comments:0 | Tags: IOS Vulnerability

Cisco warns of two critical issues in IOS and Apache Struts

Cisco issued two “critical” security advisories, one for Cisco IOS and Cisco IOS XE Software, another for a flaw affecting Apache Struts 2. Today Cisco issued two “critical” security advisories, the first one for Cisco IOS and Cisco IOS XE Software, the second one for the recently discovered flaw affecting Apache Struts 2. The vulnerability in Cisco IOS affe
Publish At:2017-04-17 02:55 | Read:342 | Comments:0 | Tags:Breaking News Hacking Apache Struts CVE-2017-5638 RCE zero-D

Curiosity Killed the Cat

By now most of us have been burned enough times to realize there is no Nigerian prince needing our help, nor is the IRS suing us for fraudulent tax filing. Now we know we know better. Now we understand that the IRS doesn’t call or email. Now we know that there is no reason for a Nigerian prince to email us. Now we just laugh and delete these emails whe
Publish At:2017-04-17 01:20 | Read:609 | Comments:0 | Tags:Phishing phishing IOS

Download and install the last iOS 10.3.1, attackers can hack you over Wi-Fi

A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system the fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency p
Publish At:2017-04-05 19:25 | Read:650 | Comments:0 | Tags:Breaking News Hacking Mobile Apple buffer overflow hacking W

APPLE-SA-2017-04-03-1 iOS 10.3.1

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-04-03-1 iOS 10.3.1iOS 10.3.1 is now available and addresses the following:Wi-FiAvailable for: iPhone 5 and later, iPad 4th generation and later,iPod touch 6th generation and laterImpact: Impact: An attacker within range may be able to executearbitrary code on the Wi-Fi chipDescription: A stack buff
Publish At:2017-04-04 06:45 | Read:519 | Comments:0 | Tags: IOS

APPLE-SA-2017-03-27-1 Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-03-27-1 Pages 6.1, Numbers 4.1, and Keynote 7.1for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are nowavailable and address the following:ExportAvailable for: macOS 10.12 Sierra or later, iOS 10 or laterImpact: The contents of password-protected PDFs exported from iWorkmay be exposedDescri
Publish At:2017-03-28 08:46 | Read:422 | Comments:0 | Tags: IOS

APPLE-SA-2017-03-27-4 iOS 10.3

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-03-27-4 iOS 10.3iOS 10.3 is now available and addresses the following:AccountsAvailable for: iPhone 5 and later, iPad 4th generation and later,iPod touch 6th generation and laterImpact: A user may be able to view an Apple ID from the lock screenDescription: A prompt management issue was addressed b
Publish At:2017-03-28 08:45 | Read:451 | Comments:0 | Tags: IOS

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud