HackDig : Dig high-quality web security articles for hacker

iOS apps can access metadata revealing users’ locations and much more

Developer discovered that iOS apps can read metadata revealing users’ locations and much more, a serious threat to our privacy. The developer Felix Krause, founder of Fastlane.Tools, has discovered that iOS apps can access image metadata revealing users’ location history. Krause published a detailed analysis on the Open Radar community, he explai
Publish At:2017-09-28 18:26 | Read:148 | Comments:0 | Tags:Breaking News Digital ID Hacking Mobile DetectLocations Exif

CISCO addressed several critical IOS flaws that expose devices to remote attacks

Cisco has released security updates for its IOS Operating System to fix more than a dozen critical and high severity vulnerabilities. Cisco has released updates for its IOS software to fix more than a dozen critical and high severity vulnerabilities that could be exploited by attackers to remotely take over company’s switches and routers. Giving a close loo
Publish At:2017-09-28 18:26 | Read:155 | Comments:0 | Tags:Breaking News Hacking CISCO iOS RCE IOS

APPLE-SA-2017-09-25-4 Additional information for APPLE-SA-2017-09-19-1 iOS 11

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-09-25-4Additional information for APPLE-SA-2017-09-19-1 iOS 11iOS 11 addresses the following:BluetoothAvailable for: iPhone 5s and later, iPad Air and later,and iPod touch 6th generationImpact: An application may be able to access restricted filesDescription: A privacy issue existed in the handling
Publish At:2017-09-26 11:15 | Read:99 | Comments:0 | Tags: IOS

APPLE-SA-2017-09-19-1 iOS 11

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-09-19-1 iOS 11iOS 11 is now available and addresses the following:Exchange ActiveSyncAvailable for: iPhone 5s and later, iPad Air and later,and iPod touch 6th generationImpact: An attacker in a privileged network position may be able toerase a device during Exchange account setupDescription: A vali
Publish At:2017-09-21 20:36 | Read:219 | Comments:0 | Tags: IOS

APPLE-SA-2017-09-20-1 Additional information for APPLE-SA-2017-09-19-1 iOS 11

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512APPLE-SA-2017-09-20-1 Additional information for APPLE-SA-2017-09-19-1 iOS 11iOS 11 addresses the following:Exchange ActiveSyncAvailable for: iPhone 5s and later, iPad Air and later,and iPod touch 6th generationImpact: An attacker in a privileged network position may be able toerase a device during Exchange acco
Publish At:2017-09-21 20:36 | Read:351 | Comments:0 | Tags: IOS

iXintpwn/YJSNPI Abuses iOS’s Config Profile, can Crash Devices

by Hara Hiroaki, Higashi Yuka, Ju Zhu, and Moony Li While iOS devices generally see relatively fewer threats because of the platform’s walled garden approach in terms of how apps are installed, it’s not entirely unbreachable. We saw a number of threats that successfully scaled the walls in 2016, from those that abused enterprise certificates to ones th
Publish At:2017-09-19 00:55 | Read:166 | Comments:0 | Tags:Mobile Apple iOS iOS Configuration Profile iXintpwn YJSNPI I

SEC Consult SA-20170913-1 :: Local File Disclosure in VLC media player iOS app

SEC Consult Vulnerability Lab Security Advisory < 20170913-1 >======================================================================= title: Local File Disclosure product: VLC media player iOS app vulnerable version: 2.7.8 fixed version: 2.8.1 CVE number: - impact: Medium homepage: https://itun
Publish At:2017-09-13 09:40 | Read:208 | Comments:0 | Tags: IOS

Zimperium researcher released an iOS Kernel Exploit PoC

Zimperium Researcher Adam Donenfeld released an iOS Kernel Exploit PoC that can be used to gain full control of iOS mobile devices. Researcher Adam Donenfeld of mobile security firm Zimperium published a Proof-of-concept (PoC) for recently patched iOS vulnerabilities that can be chained to gain full control of iOS mobile devices. The expert called the PoC ex
Publish At:2017-08-28 14:00 | Read:375 | Comments:0 | Tags:Breaking News Hacking Mobile Apple iOS Kernel Exploit kernel

Cisco IOS vulnerabilities open Rockwell Industrial Switches to attacks

Vulnerabilities in Cisco IOS expose Rockwell Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches to remote attacks. Some models of the Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches are exposed to remote attacks due to security flaws in Cisco’s IOS software. According to the security alert issued by ICS-CERT, an authentic
Publish At:2017-08-26 06:45 | Read:325 | Comments:0 | Tags:Breaking News Hacking CISCO Cisco IOS Software iOS SNMP IOS

Apple iOS Exploit Takes Complete Control of Kernel

Researcher demonstrates 'severe' ZIVA exploit at Hack in the Box.Multiple vulnerabilities in the AppleAVEDriver when linked together create an opportunity to launch an iOS exploit that can take full control of the iOS kernel, security researcher Adam Donenfeld of Zimperium's zLabs revealed today.Donenfeld, who today demonstrated the exploit at the&
Publish At:2017-08-25 05:30 | Read:265 | Comments:0 | Tags: IOS exploit

ziVA: Zimperium’s iOS Video Audio Kernel Exploit

Follow @doadam Following my previous post, I’m releasing ziVA: a fully chained iOS kernel exploit that (should) work on all the iOS devices running iOS 10.3.1 or earlier. The exploit itself consists of multiple vulnerabilities that were discovered all in the same module: AppleAVEDriver. The exploit will be covered in depth in my HITBGSEC talk held on August
Publish At:2017-08-24 04:35 | Read:532 | Comments:0 | Tags:iOS Threat Research IOS exploit

iOS 11 in the Enterprise: Get Your iPads Ready

While some are in back-to-school mode and others are getting ready for football, we’re gearing up for the latest mobile operating systems to hit the market. With the Apple iOS 11 release right around the corner, the time is now for IT and security leaders to zero in on their Apple iOS management strategy to prepare for the myriad changes set to affec
Publish At:2017-08-23 22:25 | Read:396 | Comments:0 | Tags:Mobile Security Apple apple releases Enterprise Mobility iOS

Apple iOS 10.3 - UI SMS Access Permission Vulnerability

Document Title:===============Apple iOS 10.3 - UI SMS Access Permission VulnerabilityReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2078Apple Security ID: 666589482Video: https://www.vulnerability-lab.com/get_content.php?id=2079Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2017/08/14/apple-
Publish At:2017-08-16 10:20 | Read:361 | Comments:0 | Tags: IOS Vulnerability

Google adds Anti-Phishing feature also to Gmail app for iOS

To fight phishing attacks, Google has introduced a security measure for its Gmail app for iOS that will help users identify and delete phishing emails. Phishing continues to be one of the most dangerous threats, crooks continue to devise new techniques to trick victims into providing sensitive information. The technique is still the privileged attack vector
Publish At:2017-08-15 15:40 | Read:424 | Comments:0 | Tags:Breaking News Mobile Security Cybercrime Gmail Gmail app for

ZPI: One approach to rule them all

Introduction In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works “Adaptation in Natural and Artificial Systems” set the bases of genetic algorithms. The release date of this blogpost is strongly linked to that book, it is a symbolic tribute to its author, John Henry Holland, who passed out
Publish At:2017-08-10 08:55 | Read:541 | Comments:0 | Tags:Android iOS Mobile security Mobile Threat Defense Windows Ze

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud