Latest News

2020/12/03

An iOS zero-click radio proximity exploit odyssey

”In this demo I remotely trigger an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proximity to reboot, with no user interaction. Over the next 30'000 words I'll cover the entire process to go from this basic demo to successfully exploiting this vulnerability in order to run arbitrary code on any nearby iOS device and steal all the user data”
2020/11/13

New Slipstream NAT bypass attacks to be blocked by browsers

Web browser vendors are planning to block a new attack technique that would allow attackers to bypass a victim's NAT, firewall, or router to gain access to any TCP/UDP service hosted on their devices.

The attack method, dubbed NAT Slipstreaming, was discovered by security researcher Samy Kamkar and it requires the victims to visit the threat actor's malicious website (or a site with maliciously crafted ads).

To expose hosted services, the attack abuses certain NAT devices scanning port 5060 to create port forwarding rules when detecting maliciously-crafted HTTP requests camouflaged as valid SIP requests.

Kamkar also provides proof-of-concept exploit code to demonstrate the validity of this newly disclosed NAT/firewal/router bypass technique.
2020/11/09

Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered

Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild.

Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with kernel-level privileges.

The zero-days were discovered and reported to Apple by Google's Project Zero security team.
2020/10/27

Containerd Bug Exposes Cloud Account Credentials

A security vulnerability can be exploited to coerce the containerd cloud platform into exposing the host’s registry or users’ cloud-account credentials.

Containerd bills itself as a runtime tool that “manages the complete container lifecycle of its host system, from image transfer and storage to container execution and supervision to low-level storage to network attachments and beyond.” As such, it offers deep visibility into a user’s cloud environment, across multiple vendors.
2020/10/13

Sophisticated Android Ransomware Executes with the Home Button

A fresh variant of a sophisticated Android ransomware known as MalLocker locks up mobile devices – surfacing its ransom note when a user hits the Home button.

According to research from Microsoft, MalLocker is spreading via malicious website downloads (disguised as popular apps, cracked games or video players) and peddled in online forums, as it always has. However, “the new variant caught our attention because it’s an advanced malware with unmistakable malicious characteristic and behavior and yet manages to evade many available protections, registering a low detection rate against security solutions,” Microsoft researchers said, in a Thursday posting.