iOS 8.4.1 Kernel Vulnerabilities in AppleHDQGasGaugeControl

When auditing the iOS kernel executable, we found that the code quality of com.apple.driver.AppleHDQGasGaugeControl is very bad. In this blog, we will disclose 3 vulnerabilities in this kernel extension on the latest public iOS (version 8.4.1). More importantly, one of these bugs is a perfect heap overflow vulnerability that allows us to defeat all kernel mitigations and […]

WhatsApp “MaliciousCard” Vulnerabilities Allowed Attackers to Compromise Hundreds of Millions of WhatsApp Users

WhatsApp Web is a web-based extension of the WhatsApp application on your phone. The web application mirrors all messages sent and received, and fully synchronizes your phone and your desktop computer so that users can see all messages on both devices. WhatsApp Web is available for most WhatsApp supported platforms, including Android, iPhone (iOS), Windows Phone 8.x, BlackBerry, BB10 and […]

Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications

Most automated scanning and security tools that ferret out cross-site scripting vulnerabilities don’t do much analysis beyond the target application. Netflix this week, however, released to open source a tool developed in-house that persists beyond the target app and can flag potential XSS trouble in secondary applications. The tool, called Sleepy Puppy, is available on […]

Dolphin and Mercury Android browsers have major vulnerabilities

Major vulnerabilities have been detected in Dolphin and Mercury Android browsers that could have provided cybercriminals with the opportunity to launch zero-day attacks. This is considered to be a notable discovery. With both browsers growing in popularity – it is estimated that over 100 million downloads have been made between the two browsers – the […]

Hackers target Forbes visitors through chained Flash and IE Zero-day vulnerabilities

Hackers pieced together zero-day vulnerabilities in Flash and Internet Explorer 9+ to attack financial services and defense contractor employees visiting Forbes.com, according to security firm researchers, Invincea and iSIGHT Partners. In November 2014, the site’s Thought of the Day (ToTD) page, which is displayed briefly upon visiting the site, was compromised. On first visit to […]

Patch Now – Adobe Vulnerabilities Under Attack

This has not been a great week for Adobe; they have been scrambling to fix a number of critical vulnerabilities in their Flash Player product that are being used in active attacks. But a patch is now available to cover all these vulnerabilities – so patch now!

Security Expert Highlighting Links between Predominant Website Vulnerabilities and Cyber Warfare

In the following issue, we will discuss the impacted vulnerabilities, their particular information and details, proof-of-concept code, as well as special recommendations for fixing those issues. Security researchers of high-profile websites mostly discover their related vulnerabilities as the highly effective zones. Nicholas Lemonias is an expert researcher, and he is of the belief that such […]

Microsoft to Fix Some Critical Vulnerabilities by Tuesday

Microsoft has found seven vulnerabilities in its programs and has deemed some of them critical. The critical ones are so serious that officials have said: “drop-everything-and-fix-this-now”. These loopholes are found in the following programs: Microsoft Office, Windows, Internet Explorer, Windows Server and Silverlight. While commenting on the type of attacks carried out through the vulnerabilities, the officials said […]

Apple turns HTTPS on for App Store, fixing several vulnerabilities

Apple has finally fixed a vulnerability that was reported about six months ago. This vulnerability was found in the iOS App Store by Google. The interesting fact is that it was reported by Google’s security researcher, Elie Bursztein, but Apple didn’t respond to it. This vulnerability could have been exploited over any public Wi-Fi […]

ReVuln Found 0day Vulnerabilities for SCADA Systems

In a video presentation, the vulnerability experts known as ReVuln have revealed 0day vulnerabilities for industrial SCADA systems from Schneider Electric, General Electric, Siemens and Rockwell Automation. Yet the exact vulnerable products were not discussed in the presentation. According to ReVuln, the vulnerabilities are high risk and allow uploading shells remotely, executing code and hijacking sessions on the PCs that are responsible for running […]