Click to Skip Ad
Closing in...



Exploit

BlackBerry vulnerability exposed at Pwn2Own; no fix in sight

March 17th, 2011

In light of a WebKit vulnerability discovered at this year’s Pwn2Own conference in Vancouver, Research In Motion has issued a bulletin for its most security conscious customers. Affecting handsets running BlackBerry Device Software version 6.0 or higher, the exploit could allow an attacker to gain access to data stored on the media card or in the media …

Adobe issues warning for critical Flash Player, Adobe Reader vulnerability

March 15th, 2011

Adobe has issued a security bulletin about a critical security flaw found in Adobe Flash Player affecting the Windows, Macintosh, Linux, Solaris, and Android operating systems. The vulnerability, labeled CVE-2011-0609, “could cause a crash and potentially allow an attacker to take control of the affected system.” The company reports that exploits are already in the …

iOS, BlackBerry OS fall at Pwn2Own

March 11th, 2011

Add Apple’s iOS and Research In Motion’s BlackBerry OS to the list of victims at this year’s Pwn2Own challenge. Conference veteran Charlie Miller, along with Dion Blazakis, deployed an exploit to iOS 4.2.1 through a vulnerability in Safari. By navigating to a custom-made webpage, the duo were able to execute remote code and gain access …

Apple’s Safari browser embarrassed at Pwn2Own, hacked in 5 seconds

March 10th, 2011

Safari just got served. At this year’s Pwn2Own conference, security firms and enthusiasts are doing their very best to discover and deploy exploits to some of the world’s most popular browsers. Chrome, Firefox, Internet Explorer, and Safari, they’re all on the menu for conference attendees and some have definitely faired better than others. Google issued a challenge, …

Google ousts 21 malicious applications from Android Market, user handsets [Updated]

March 2nd, 2011

While investigating several Android Market applications that appeared to be duplicates, Reddit user lompolo discovered several apps that provide an extra, and definitely unwanted, service. The applications in question contain an exploit that, when downloaded, automatically root the Android handset. Not only that, the apps — 21 in total — also contain an embedded .apk file …

Windows Phone 7 Marketplace DRM cracked

December 29th, 2010

The digital rights management (DRM) security used by Microsoft to protect apps in its Windows Phone 7 Marketplace has been cracked, enthusiast blog WPCentral reports. Though the technology needed to do so is not yet in the hands of the general public, the DRM protecting paid applications can now easily be stripped off of apps. …

T-Mobile’s G2 gets the root treatment courtesy of XDA

November 9th, 2010

Dear hardware OEMs: Resistance. Is. Futile. It seems as though the gang over in the IRC channel #G2Root xda-developers have found a permanent rooting solution for T-Mobile’s HTC G2 handset. As you may recall, the rooting community ran into a little hiccup with the Android 2.2 device due to an auto-restore feature aimed at helping …

Adobe warns of zero-day Flash, Reader vulnerability; Windows, Mac, Linux, Solaris, Android affected

October 28th, 2010

Adobe released a security bulletin today warning of a critical, zero-day vulnerability in their Reader and Flash Player software. The bulletin notes that an unpactched system could “crash [your system] and potentially allow an attacker to take control of the affected system.” The vulnerability is affecting: Adobe Flash Player 10.1.85.3 and earlier versions for Windows, …

Second generation AppleTV jailbroken with SHAtter exploit

October 1st, 2010

If you picked yourself up a second generation AppleTV, or plan to, it looks like you’ll be able to get your jailbreak on; assuming you’re into that sort of thing. Dev-team member MuscleNerd has posted a one-minute YouTube video showing Apple’s little black-box running a jailbroken firmware. Complimenting that, the dev-team has also managed to decrypt the …

Twitter patches onMouseOver vulnerability

September 21st, 2010

Well that didn’t take long. Twitter hath just tweeted that they have identified and patched the JavaScript, onMouseOver, cross-site-scripting vulnerability that had been running amuck on its website this morning. It is once again safe to use twitter.com to let your fake friends know what you are eating, thinking, and doing. UPDATE: Bob Lord, Twitter’s security …