Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability codenamed the Dirty Stream attack that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app’s home directory. “The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an […]
Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan‘ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. SQLite is a […]
According to a recent survey report, many big IT decision-makers see Enterprise Communication and Collaboration (EC&C ) apps like Slack, Dropbox, etc as being vulnerable to cyberattack. The survey was conducted by Israeli cybersecurity firm Perception Point and comprised five hundred respondents representing different industries. The respondents were from medium and large enterprises that had 1000-plus […]
Researchers specializing in enterprise data protection services have analyzed more than a dozen mobile apps provided by shared car companies and have discovered serious security gaps that can be exploited to obtain personal information and even steal vehicles. The specialists have investigated a total of 13 apps to share cars running on Android. Apps are […]
Man In The Middle Attack Over SSL A group of security researchers found a critical man in the middle attack implementation gap in the main mobile banking applications that left the banking powers of millions of users vulnerable to hackers. The vulnerability was discovered by security groups investigators and privacy at the University of Birmingham, […]
A flaw in certificate pinning exposed customers of a number of high-profile banks to man-in-the-middle attacks on both iOS and Android devices. A vulnerability in the mobile apps of major banks could have allowed attackers to steal customers’ credentials including usernames, passwords, and pin codes, according to researchers. The flaw was found in apps by […]
Selenium powered Python script to automate searching the web for vulnerable applications. DorkNet can take a single dork or a list of dorks as arguments. After the proper command line arguments have been passed, the script will use Selenium and Geckodriver to find the results we want and save them to a textfile for further […]
The IT security researchers at Verify.ly, a service responsible for scanning the binary coding of iOS apps to identify any prevailing security flaws, 76 popular iOS apps are not safe to be used. Verify.ly suggests that these are extremely common apps, with a combined total of 18 million downloads. The problem is that these apps possess […]
Apps that use 3rd-party updater over insecure HTTP channels subject to MiTM attacks. Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates. The vulnerability is the result of apps […]
Officials at Check Point, the IT security vendor, have discovered a rogue app on the Google Play Store that is exploiting the recently identified Certifi-gate bug. Recordable Activator (downloaded by 6,083 users), the application that has been accused of this malicious behavior, is a screen-recording app that was created by Invisibility, a UK-based company. [must […]
While whole world was worried about the FREAK vulnerability of the browsers, hundreds of popular apps of Android and iOS are still vulnerable to FREAK flaw. Man-in-the-middle attacks of FREAK are a result of the security loopholes left open about 20 years ago. It is a cryptographic encumbrance which allows attackers to force information travelling […]