A bug was recently fixed in Android Lollipop that could allow an attacker to bypass ASLR and run arbitrary code on a target device under certain circumstances.
Browsing Category: Mobile Security
WhatsApp, a massively popular messaging app, recently added end-to-end encryption for some mobile clients, a move that brings a high level of security to millions of users. The change is the result of a partnership with Open Whisper Systems, the secure text and mobile OS company started by security researcher Moxie Marlinspike. Twitter acquired Open[…]
Apple has patched 10 vulnerabilities in iOS, including a pair of bugs that allowed arbitrary code execution and one that enables an attacker to run random binaries on a target device.
Karsten Nohl has updated his BadUSB research, looking at the top eight USB controller chips and determining that about half are susceptible to being maliciously reprogrammed.
AT&T says it has stopped injecting unique identifying “supercookies” into their users’ Web traffic.
Apple responds to the Masque vulnerability, saying that it is unaware of any users affected by the vulnerability, which allows hackers to swap out legitimate iOS apps with malicious ones.
Researchers successfully took down Apple and Samsung mobile phones using NFC hacks during Mobile Pwn2Own, but were not able to complete compromise Windows Phone or Nexus 5 running Android.
Several automakers have agreed on a set of privacy principles that they say will govern the way that they handle personal information generated by vehicles, geolocation data and other sensitive information that is being produced by in-car computers and networks.
Researchers at FireEye disclosed Masque, a vulnerability in iOS that enabled the WireLurker attacks. It was reported in July, but has yet to be patched by Apple.
A Windows version of the WireLurker malware has been discovered, and like the Mac OS X version, it too is believed to have been shut down.