M-Trends 2017: A View From the Front Lines

Every year Mandiant responds to a large number of cyber attacks, and 2016 was no exception. For our M-Trends 2017 report, we took a look at the incidents we investigated last year and provided a global and regional the Americas, APAC and EMEA analysis focused on attack trends, and defensive and...

The vulnerability of the iOS operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the Springboard component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a local attacker to obtain confidential information by viewing the application’s screenshot in the Task Switcher program...

The vulnerability of the iOS operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the Clipboard component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a local attacker to obtain confidential information by viewing clipboard contents while the screen is locked...

The vulnerability of the iOS operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the iOS operating system’s Media Player component is related to the lack of protection for service data. Exploiting this vulnerability could allow a local attacker to access protected information about photos and contacts by gaining access to the lock screen...

The vulnerability of the Mac OS X operating system, which allows a perpetrator to gain access to protected information

The vulnerability of the WiFi component of the Mac OS X operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an intruder, acting locally, to gain access to protected network configuration information using the global storage mechanism...

Vulnerabilities of operating systems such as Mac OS X and iOS, which allow attackers to gain access to protected information

The vulnerability of the IOKit component in Mac OS X and iOS operating systems is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, acting locally, to gain access to protected information about the kernel’s memory structure using undefined...

The vulnerability of the iOS operating system, which allows a hacker to access photo catalog metadata

The vulnerability of the Sandbox Profiles component of the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to photo catalog metadata through a specially created application...

The vulnerability of the iOS operating system, which allows a perpetrator to access metadata related to audio recordings

The vulnerability of the Sandbox Profiles component of the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to metadata of audio recordings through a specially created...

The vulnerability of the iOS operating system, which allows a hacker to trigger a service failure

The vulnerability of the iOS operating system’s accessibility component is related to the lack of protection for service data. Exploiting this vulnerability can allow a local attacker to cause service failures or otherwise affect the system...

The vulnerability of the Safari browser, which allows a hacker to obtain confidential information

The vulnerability of the WebKit component in the Safari browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information through a specially crafted website...

The vulnerability of the iOS operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the Kernel component of the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information through a specially crafted application...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the Qualcomm Secure Execution Environment Communicator application for the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to compromise data confidentiality through the use of a local...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the Qualcomm Android operating system’s sound driver is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

EMC RecoverPoint SSL Stripping Security Bypass Vulnerability

EMC RecoverPoint is a set of disaster recovery and data protection software, EMC RecoverPoint for Virtual Machines VMs is a set of disaster recovery solutions for VMware environments. EMC RecoverPoint SSL Stripping security bypass vulnerability. Allows an attacker to perform a man-in-the-middle...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the Qualcomm Android operating system’s driver is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the ION subsystem, Binder, USB drivers, and the network subsystem of the Android operating system is related to the lack of protection for sensitive data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of librm in NVIDIA’s Android operating system systems is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the MediaTek video driver for the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...

The vulnerability of the Linux operating system, which allows a perpetrator to obtain confidential information

The vulnerability of the klsi105getlinestate function in the Linux operating system is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker acting locally to obtain confidential information...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of NVIDIA’s Android operating system video driver is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to cause service failures or otherwise affect the system...