11 matches found
EUVD-2014-4350
Malware in sbrugna...
Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion
A 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he acted as a core developer for Raccoon, a popular "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims...
55 New Security Flaws Reported in Apple Software and Services
A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacke...
Apple Touch ID Flaw Could Have Let Attackers Hijack iCloud Accounts
Apple earlier this year fixed a security vulnerability in iOS and macOS that could have potentially allowed an attacker to gain unauthorized access to a user's iCloud account. Uncovered in February by Thijs Alkemade, a security specialist at IT security firm Computest, the flaw resided in Apple's...
A new kind of Apple phishing scam
In a recent blog post, Felix Krause revealed a method for phishing Apple ID passwords on iOS that would be quite indistinguishable from a real iOS password request. This got us thinking about the ramifications—how else could this tactic be used in the Apple ecosystem, and what kind of damage coul...
Apple Launches Bug Bounty with Maximum $200,000 Reward
LAS VEGAS—Apple closed out Black Hat today with a long-awaited announcement that next month it will launch a bug bounty. The Apple Security Bounty will be an invitation-only program, open to two dozen researchers at the outset, said Ivan Krstic, head of security engineering and architecture. The...
CVE-2 0 1 4-4 4 2 3 analysis process and findings-vulnerability warning-the black bar safety net
Primer Some time ago the“steamed rice”on his blog published the article“on a non-jailbroken iPhone 6 iOS 8.1.3 on phishing attacks stealing App Store passwords”, see the article later to try to reproduce the whole process. Since the“steamed rice”the entire process is described more clearly, combi...
Hacker Released 'iDict' Tool That Can Hack Your iCloud Account
Hackers have a great start of new year 2015, giving a public threat to Apple’s online iCloud service. A hacker using the handle "Pr0x13" has released a password-hacking tool to GitHub website that assures attackers to break into any iCloud account, potentially giving them free access to victims’...
CVE-2014-4423
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application...
Design/Logic Flaw
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application...
CVE-2014-4423
The Accounts subsystem in Apple iOS before 8 allows attackers to bypass a sandbox protection mechanism and obtain an active iCloud account's Apple ID and metadata via a crafted application...