EUVD-2016-5597

Malware in sbrugna...

Apple iOS/tvOS/iPadOS/watchOS/macOS CVE-2019-8848 Privilege Escalation Vulnerability

Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to a privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges on an affected system. Technologies Affected Apple Ipad Mini- Apple TV Apple Watch Apple iOS 10 Apple iOS 10.0.1 Apple iOS 10.1 Apple i...

About the security content of iOS 10 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

WhatsApp 2.18.31 - Memory Corruption

WhatsApp 2.18.31 - Memory Corruption !/usr/bin/env python -- coding: utf-8 -- Exploit Author: Juan Sacco at Exploit Pack - http://www.exploitpack.com This vulnerability has been discovered and exploited using Exploit Pack - Framework Tested on: iPhone 5/6s/X iOS 10 and 11.3 Latest release of iOS ...

Zerodium Offers $500K for Secure Messaging App Zero Days

Zerodium, a vendor operating in the nebulous exploit acquisition market, has put a premium on zero-day vulnerabilities in secure messaging applications in a new pricing structure announced today. Remote code execution and local privilege elevation zero days in messaging apps such as WhatsApp,...

CVE-2016-7759

An issue was discovered in certain Apple products. iOS before 10 is affected. The issue involves the "Springboard" component, which allows physically proximate attackers to obtain sensitive information by viewing application snapshots in the Task Switcher...

You Can Crash Anyone's iPhone Or iPad With A Simple Emoji Text Message

A newly discovered bug in Apple's iOS mobile operating system is being exploited in a prank that lets anyone crash your iPhone or iPad by just sending an emoji-filled iMessage, according to several reports. YouTube star EverythingApplePro published a video highlighting a sequence of characters th...

Apple iTunes Notify Script Insertion

Document Title: =============== Apple iTunes Notify - Bypass & Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2024 Followup ID: 654962036 Vulnerability Magazine:...

Apple Mac OS X 10.12/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS

Exploit for macOS platform in category dos / poc Apple macOS 10.12/iOS 10 SecureTransport SSL handshake OCSP MiTM and DoS --- 0. Description ---- The latest macOS and iOS have weak OCSP validation process which allow attacker to send OCSP requests up to 200k in name of victim during MiTM attack...

Zerodium Offers $1.5 Million Bounty For iOS Zero-Day Exploits

Well, there's some good news for Hackers and Bug hunters, though a terrible news for Apple! Exploit vendor Zerodium has tripled its bug bounty for an Apple's iOS 10 zero-day exploit, offering a maximum payout of $US1.5 Million. Yes, $1,500,000.00 Reward. That's more than seven times what Apple is...

Zerodium Triples its iOS 10 Bounty to $1.5 Million

Zerodium has tripled the bounty it offers for an Apple iOS 10 remote jailbreak, boosting the reward today to $1.5 million USD, founder Chaouki Bekrar said. Zerodium had previously offered $1 million for iOS 9 attacks that result in an untethered jailbreak, but that bounty was for a specific time...

iOS 1 0 backup encryption hack speed boost 2 5 0 0 times, the Keychain will no longer security-vulnerability warning-the black bar safety net

! According to the foreign media to the latest reports, a computer forensics company, Elcomsoft security research experts in iOS10 backup protection mechanism has discovered a serious security vulnerability. This security vulnerability would allow an attacker to by a new attack method to bypass t...

Researchers Find 'Severe' Security Hole in iOS 10 Backup

UPDATE A computer forensics firm says Apple weakened backup security protection with the Sept. 13 release of iOS 10, making it simple work for hackers to crack password protection used for backups of iOS devices stored on Macs and PCs. Elcomsoft, which explained the security hole in a blog post...

Apple Weakens iOS 10 Backup Encryption; Now Can Be Cracked 2,500 Times Faster

After the iPhone encryption battle between Apple and the FBI, Apple was inspired to work toward making an unhackable future iPhones by implementing stronger security measures even the company can't hack. Even at that point the company hired one of the key developers of Signal — one of the world's...

iPhone 7 Jailbreak Has Already Been Achieved In Just 24 Hours!

It has only been a few days since the launch of Apple's brand new iPhone 7 and iPhone 7 Plus, but it appears that the new iPhone has already been jailbroken. That didn't take long. Right? Security researcher and well-known hacker Luca Tedesco shared an image of his jailbroken smartphone on his...

iOS 10 Security Updates Move to HTTPS

Update Apple has finally moved its iOS security update mechanism to HTTPS with today’s release of iOS 10. Previously, updates were sent to devices over HTTP and attackers already present on a network could interfere with updates. “An issue existed in iOS updates, which did not properly secure use...

About the security content of iOS 10

About the security content of iOS 10 This document describes the security content of iOS 10. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...

Putting Apple Bug Bounty Rewards in Perspective

Admittedly, the payouts for Apple’s bug bounty announced last week at Black Hat drew mixed reactions ranging from reasonable to raucously funny. Apple made a big splash at the annual hacker conference, first via a last-minute announcement that well-regarded Ivan Krstic would be giving a talk on...

iOS 9.3.4 Patches Critical Code Execution Flaw

Apple last week patched a critical iOS memory corruption vulnerability that could allow attackers to execute code on compromised devices. The flaw was found by Team Pangu, a Chinese hacker group that specializes in building iOS jailbreak tools. The vulnerability is fixed in iOS 9.3.4. “An...

Apple left iOS 10 Kernel Code Unencrypted, Intentionally!

Apple’s new iOS 10 recently made headlines after MIT Technology Review revealed that the company had left the kernel of the mobile operating system unencrypted. Yes, the first developer preview of iOS 10 released at WWDC has an unencrypted kernel. When the headline broke, some of the users were...