There’s a remotely exploitable authentication bypass vulnerability in the BlackBerry Z10 phone that affects the service that lets users share files with machines on a wireless network. The bug could allow an attacker to steal users’ personal data or hit them with targeted malware.
Browsing Category: Mobile Security
Vulnerabilities in the secure Blackphone reported during DEF CON require unusual circumstances to exploit.
Absolute Software’s anti-theft Computrace software is mysteriously installed on brand new machines, nearly impossible to remove, and exploitable.
Officials behind the Square service are reaching out to the security research community for help identifying flaws in its system.
Dennis Fisher, Mike Mimoso and Brian Donohue discuss the news from day one of Black Hat, including the Dan Geer keynote, attacks on mobile broadband modems and carriers’ control of mobile phones. Download: Black-Hat-Day-One-Podcast.mp3 Music by Chris Gonsalves
Las Vegas – Researchers at the Black Hat security conference claimed in a presentation that they can exploit pervasive carrier controls to wrest complete control of billions of consumer devices.
LAS VEGAS–Mobile broadband modems can be a great alternative if you can’t find a WiFi network or don’t trust the ones you can find. But many of the models sold by the major manufacturers contain bugs and functionality that a remote attacker can exploit without much difficulty. Much of the market for these devices is[…]
In this special edition of the Digital Underground Podcast, Dennis Fisher interviews fellow Threatpost editor Mike Mimoso and also Threatpost reporter Brian Donohue about the Black Hat security conference, which begins this week in Las Vegas. Topics of discussion include Chris Valasek and Charlie Miller hacking automobiles, Jeff Forristal’s briefing on what promises to be a devastating Android vulnerability, why it’s dumb to host Black Hat in Las Vegas in the dead of summer, and more.
An encryption issue in the Android and iOS versions of the Instagram photo-sharing application could allow for man-in-the-middle attacks and more.
Facebook has fixed a vulnerability in its Android app could allow an attacker to cause a denial-of-service condition on a device or run up the victim’s mobile bill by transferring large amounts of data to and from the device. The flaw lies in the way that the Facebook app handles HTTP requests. The app include an HTTP server[…]