A security researcher has released a tool that will untether iPhones and other devices running iOS 5.01, allowing them to run unsigned code. The tool relies on a pair of exploits, one in an iOS binary and another in the kernel, and the jailbreak will survive after a reboot.
Browsing Category: Mobile Security
It’s that most un-wonderful time of the year: the time when everyone writes fluffy articles full of lists, retrospectives and look-aheads. Even we did it. Many of these lists involve some variation on the theme of most overhyped or least organic or or most awesomest or lowest fat content. This article is not those articles.
Fake antivirus software, or “scareware” scams have been one of the tried and true methods that crooks have used to make illegal profits online in recent years.
Just a day after security researcher Stefan Viehbock released details of a vulnerability in the WiFi Protected Setup (WPS) standard that enables attackers to recover the router PIN, a security firm has published an open-source tool capable of exploiting the vulnerability. The tool, known as Reaver, has the ability to find the WPS PIN on a given router and then recover the WPA passphrase for the router, as well.
The US-CERT is warning about a vulnerability in the WiFi Protected Setup standard that reduces the number of attempts it would take an attacker to brute-force the PIN for a wireless router’s setup process. The flaw results in too much information about the PIN being returned to an attacker and makes the PIN quite weak, affecting the security of millions of WiFi routers and access points.
By Art CovielloI just came back from a five-week trip of meeting with customers around the world and never in my entire career have CEOs and corporate boards been as interested in security as they are now. The common theme throughout these conversations was that we are facing a new reality – one of persistent, advanced and intelligent threat.
VIEW SLIDESHOW Five Security Predictions for 2012What will 2012 bring? We can’t know for sure. Recent years have taught us that, when it comes to computer security, one should expect to be surprised.
The security industry can be a giant repetitive, follow-the-loser echo chamber of unoriginal thoughts, familiar flaws and copycat theories. But if ever there was a year in which folks could stand back and look at what’s gone on and say, what in the hell just happened, 2011 was it. So rather than going in for the typical year-in-review or top stories shtick, let’s just have a look back at some of the more absurd, unexpected and amusing twigs and berries from the last 12 months, shall we?
VIEW SLIDESHOW Threatpost Top Security News Stories of 2011We’ve compiled our list of the Top Security Stories of 2011, presented here in no particular order. These are the issues that shook the world’s markets and kept us awake at night.
Mobile security researchers at the firm Viaforensics say they have created a malicious mobile application that requires the phone user to grant no permissions during installation, but could give remote attackers the ability to install and execute malicious code on mobile devices running the Android operating system.