Browsing tag
2018 is barely two weeks old, and already it looks like we’ve got new piece of macOS malware! Hooray ? Want to play along? I’ve shared both the malware’s binary executable (‘MaMi‘), which can be downloaded here(password: infect3d). Please don’t infect yourself! Background Earlier today (01/11), someone on MalwareBytes’ forum created a post titled “DNS Hijacked”: So far nobody […]
A New MacOS Malware “OSX/Dok” Discovered to Steal Banking Credentials by cloning major Banking website which leads victims to install the Malicious Application into victims mobile Devices. This infection leads to potentially compromise the victims and leaks their sensitive data from their mobile platform. OSX/Dok Malware used to Attack Mac users via traditional Spam and […]
idb a tool to simplify some common tasks for iOS app security assessments and research. Requirements: Ubuntu or OS X Ruby 1.9.3 or 2.1 For OS X: brew install qt cmake usbmuxd libimobiledevice For Ubuntu: apt-get install cmake libqt4-dev git-core libimobiledevice-utils libplist-utils usbmuxd libxml2-dev libsqlite3-dev -y Installing idb: Install idb: gem install idb […]
In previous blog posts Liang talked about the userspace privilege escalation vulnerability we found in WindowServer. Now in following articles I will talk about the Blitzard kernel bug we used in this year’s pwn2own to escape the Safari renderer sandbox, existing in the blit operation of graphics pipeline. From a exploiter’s prospective we took advantage […]