Apple’s Safari browser embarrassed at Pwn2Own, hacked in 5 seconds

By on March 10, 2011 at 8:34 AM.

Apple’s Safari browser embarrassed at Pwn2Own, hacked in 5 seconds

Safari just got served. At this year’s Pwn2Own conference, security firms and enthusiasts are doing their very best to discover and deploy exploits to some of the world’s most popular browsers. Chrome, Firefox, Internet Explorer, and Safari, they’re all on the menu for conference attendees and some have definitely faired better than others. Google issued a challenge, promising $20,000 to any person or team that could crack Chrome on the conferences opening day, but the two teams scheduled to take a swing backed down. Firefox is, for the time being, still standing, and, per usual, Microsoft’s Internet Explorer was taken down without much fuss. But which browser faired the worst? That would be Apple’s Safari. A French security research firm named Vulpen managed to break into Safari running on a MacBook Air in a cool five seconds. The company noted that the Safari update issued by Apple yesterday — version 5.0.4 — fixes some of the vulnerabilities, but not all. The takedown of Safari 5.0.3 used exploits that are still available in the updated code base. Go ahead Apple detractors, have a little fun in the comments section. More →

116 Comments

Google ousts 21 malicious applications from Android Market, user handsets [Updated]

By on March 2, 2011 at 7:38 AM.

Google ousts 21 malicious applications from Android Market, user handsets [Updated]

While investigating several Android Market applications that appeared to be duplicates, Reddit user lompolo discovered several apps that provide an extra, and definitely unwanted, service. The applications in question contain an exploit that, when downloaded, automatically root the Android handset. Not only that, the apps — 21 in total — also contain an embedded .apk file that can accept remote code and upload device information (like your IMEI) to a server in California. The malicious bundles were published by user Myournet and some of the individual applications have been downloaded over 50,000 times each. Once alerted of the potential malware, Google investigated and removed the code from the Market and users handsets. Unfortunately, that doesn’t have any effect on data already compromised by downloaders of the rogue applications. Google has yet to publicly comment on the incident.

UPDATE: More information about the exploit and affected applications can be found here. More →

57 Comments

Windows Phone 7 Marketplace DRM cracked

By on December 29, 2010 at 2:47 PM.

Windows Phone 7 Marketplace DRM cracked

The digital rights management (DRM) security used by Microsoft to protect apps in its Windows Phone 7 Marketplace has been cracked, enthusiast blog WPCentral reports. Though the technology needed to do so is not yet in the hands of the general public, the DRM protecting paid applications can now easily be stripped off of apps. If details of the vulnerability used to achieve the DRM crack are made available to the public, unscrupulous programers could use the exploit to develop software that allows users to steal applications and deploy them to Windows Phone 7 devices. Microsoft has not publicly responded to the security hole, though WPCentral claims the company has been made aware of the issue. Hit the break to see Microsoft’s Windows Phone 7 Marketplace security being manhandled in a proof-of-concept video demonstration. More →

12 Comments

T-Mobile’s G2 gets the root treatment courtesy of XDA

By on November 9, 2010 at 4:38 PM.

T-Mobile’s G2 gets the root treatment courtesy of XDA

Dear hardware OEMs: Resistance. Is. Futile. It seems as though the gang over in the IRC channel #G2Root xda-developers have found a permanent rooting solution for T-Mobile’s HTC G2 handset. As you may recall, the rooting community ran into a little hiccup with the Android 2.2 device due to an auto-restore feature aimed at helping the average consumer un-brick their handset. The new solution comes just days after HTC released the source code for the G2 on their website. The root exploit for the G2 is far from production-ready, but it does look like the software is well on its way to getting the one-click treatment.

UPDATE: Quick correction — As Aaron pointed out in the comments, the G2 root was originally discovered by members of the #G2root IRC channel; an XDA forum member announced it. Thanks, Aaron!

[Via Android Spin] More →

5 Comments

Adobe warns of zero-day Flash, Reader vulnerability; Windows, Mac, Linux, Solaris, Android affected

By on October 28, 2010 at 5:58 PM.

Adobe warns of zero-day Flash, Reader vulnerability; Windows, Mac, Linux, Solaris, Android affected

Adobe released a security bulletin today warning of a critical, zero-day vulnerability in their Reader and Flash Player software. The bulletin notes that an unpactched system could “crash [your system] and potentially allow an attacker to take control of the affected system.” The vulnerability is affecting:

  • Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
  • Adobe Flash Player 10.1.95.2 and earlier for Android
  • Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX
  • Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh
  • Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Adobe Reader for Android is not affected by this issue.

Adobe is promising an update to fix the issue by November 9. Hit the read link to read more and for mitigation instructions for your specific platform. More →

66 Comments

Second generation AppleTV jailbroken with SHAtter exploit

By on October 1, 2010 at 7:15 AM.

Second generation AppleTV jailbroken with SHAtter exploit

If you picked yourself up a second generation AppleTV, or plan to, it looks like you’ll be able to get your jailbreak on; assuming you’re into that sort of thing. Dev-team member MuscleNerd has posted a one-minute YouTube video showing Apple’s little black-box running a jailbroken firmware. Complimenting that, the dev-team has also managed to decrypt the AppleTV’s encryption keys. Hit the jump to see the video and hit the read link to check out the keys. More →

18 Comments

Twitter patches onMouseOver vulnerability

By on September 21, 2010 at 10:42 AM.

Twitter patches onMouseOver vulnerability

Well that didn’t take long. Twitter hath just tweeted that they have identified and patched the JavaScript, onMouseOver, cross-site-scripting vulnerability that had been running amuck on its website this morning. It is once again safe to use twitter.com to let your fake friends know what you are eating, thinking, and doing.

UPDATE: Bob Lord, Twitter’s security chief, has put up an official blog post explaining exactly what happened this morning. You can read that article here. More →

2 Comments

PSA: Twitter being ravaged by JavaScript flaw

By on September 21, 2010 at 9:27 AM.

PSA: Twitter being ravaged by JavaScript flaw

If you happen to be in your browser looking at twitter.com you may notice that the site is somewhat useless at the moment. Thanks to a JavaScript onMouseOver exploit, a nasty little bug is spreading through the micro-blogging site like wildfire. Simply mousing-over a carefully crafted tweet can redirect your browser to a website with malicious code or, in the case of Sarah Brown (wife of the former British Prime Minister), hardcore porn. The exploit is only affecting twitter.com when viewed in the browser and not third party clients like TweetDeck, Seesmic, or m.twitter.com. If you’re out there and tweeting, be careful.

UPDATE: Bob Lord, Twitter’s security chief, has put up an official blog post explaining exactly what happened this morning. You can read that article here. 
More →

10 Comments

Adobe reveals zero day exploit in Flash, Android affected

By on September 14, 2010 at 1:15 PM.

Adobe reveals zero day exploit in Flash, Android affected

Adobe has revealed a critical, zero day exploit in Adobe Flash that is affecting WIndows, Macintosh, Linux, Solaris, and Android systems. Adobe does not provide much detail about the issue, but does state that the vulnerability could “cause a crash and potentially allow an attacker to take control of the affected system.” The post states that at present, only Flash Player for Windows is being actively exploited. This is the second critical vulnerability being reported by Adobe in under 7 days. Updates on the zero day bug and forthcoming patch can be found on Adobe’s security bulletin website, found here. More →

41 Comments

HDR photos coming to jailbroken 3G and 3GS iPhones running iOS 4.1

By on September 10, 2010 at 6:21 PM.

HDR photos coming to jailbroken 3G and 3GS iPhones running iOS 4.1

If you have an older model iPhone, and are envious of the HDR photographic-prowess of the iPhone 4, there is still hope; albeit hope with a fairly long list of prerequisites. iPhone tinkerer Will Strafach has tweeted that he: “Made a Cydia tweak to allow HDR photos on 4.1 for the iPhone 3G and 3G[s].” So, when that rumored iOS 4.1 jailbreak is released you can take your jailbroken, iPhone 3G or 3GS and get the HDR goodies. There are a lot of “ifs” and “whens” in there… but it’s better than nothing. More →

21 Comments

Newly found jailbreak exploit will work on iPhone 4, iPad, and new iPod touch

By on September 9, 2010 at 9:00 PM.

Newly found jailbreak exploit will work on iPhone 4, iPad, and new iPod touch

Lord of the Devs — MuscleNerd – has confirmed that the latest jailbreak exploit discovered by pod2g will indeed work beyond the iPhone. In a tweet, MuscleNerd writes:

That latest exploit from @pod2g confirmed to work beyond iPhone4…also on at least iPad and yesterday’s iPod4G too :)

Great news for all those who prefer their iDevices jailbroken. No time estimate has been given by the dev-team or others as to when we could potentially see the exploit tools in the wild; we’ll keep you up to date on any progress that is made. More →

14 Comments

Comex releases iOS PDF-exploit source code

By on August 12, 2010 at 10:10 AM.

Comex releases iOS PDF-exploit source code

Comex, the developer of the jailbreakme.com 2.0 website, has released the source code for the PDF exploit found in un-patched versions of Apple’s iOS mobile operating system. The code has been called “impressive” and “dangerous” by some security analysts. The exploit has the ability to install malicious code on a users iOS device by simply visiting a webpage crafted to run the code. If you do not plan on jailbreaking your iOS device, we recommend updating to iOS 4.0.2 to remove the vulnerability. If you are already jailbroken, we suggest installing the “PDF Fix” patch from Cydia.

[Via Macworld] More →

16 Comments

Apple releases iOS 4.0.2, plugs jailbreakme.com PDF exploit

By on August 11, 2010 at 3:19 PM.

Apple releases iOS 4.0.2, plugs jailbreakme.com PDF exploit

Apple has just released an update to iOS, labeled iOS 4.0.2. The update, amongst other things, plugs the PDF security hole most notably used by the website jailbreakme.com. The update is available for the iPhone 3G, 3GS, and 4, iPod Touch 2G and 3G, as well as the iPad. If you have a jailbroken device, or think you might want to jailbreak your device at some point, we would recommend against applying this update. Everyone else, have at it!

72 Comments