Apple Security Update: iOS 15.8.3 and iPadOS 15.8.3

Apple recommends to install security update iOS 15.8.3 and iPadOS 15.8.3 on devices iPhone 6s all models, iPhone 7 all models, iPhone SE 1st generation, iPad Air 2, iPad mini 4th generation, and iPod touch 7th generation...

Apple Security Update: iOS 15.8.3 and iPadOS 15.8.3

Apple recommends to install security update iOS 15.8.3 and iPadOS 15.8.3 on devices iPhone 6s all models, iPhone 7 all models, iPhone SE 1st generation, iPad Air 2, iPad mini 4th generation, and iPod touch 7th generation...

Apple Security Update: iOS 15.8.2 and iPadOS 15.8.2

Apple recommends to install security update iOS 15.8.2 and iPadOS 15.8.2 on devices iPhone 6s all models, iPhone 7 all models, iPhone SE 1st generation, iPad Air 2, iPad mini 4th generation, and iPod touch 7th generation...

Apple Security Update: iOS 15.8.2 and iPadOS 15.8.2

Apple recommends to install security update iOS 15.8.2 and iPadOS 15.8.2 on devices iPhone 6s all models, iPhone 7 all models, iPhone SE 1st generation, iPad Air 2, iPad mini 4th generation, and iPod touch 7th generation...

WebSSH for iOS 14.16.10 - (mashREPL) Denial of Service Exploit

Exploit Title: WebSSH for iOS 14.16.10 - 'mashREPL' Denial of Service PoC Author: Luis Martinez Vendor Homepage: https://apps.apple.com/mx/app/webssh-ssh-client/id497714887 Software Link: App Store for iOS devices Tested Version: 14.16.10 Vulnerability Type: Denial of Service DoS Local Tested on...

Mocha Telnet Lite for iOS 4.2 - (User) Denial of Service Exploit

Exploit Title: Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://apps.apple.com/us/app/telnet-lite/id286893976 Software Link: App Store for iOS devices Tested Version: 4.2 Vulnerability Type: Denial of Service DoS Local Tested on OS:...

You Can Now Run Android on an iPhone With 'Project Sandcastle'

Not happy with your expensive iPhone and wondered if it's possible to run any other operating system on your iPhone, maybe, how to install Android on an iPhone or Linux for iPhones? Android phones can be rooted, and iPhones can be jailbroken to unlock new features, but so far, it's been close to...

scadaApp for iOS 1.1.4.0 - (Servername) Denial of Service Exploit

Exploit Title: scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://apps.apple.com/ca/app/scadaapp/id1206266634 Software Link: App Store for iOS devices Tested Version: 1.1.4.0 Vulnerability Type: Denial of Service DoS Local Tested on...

Open Proficy HMI-SCADA 5.0.0.25920 Denial Of Service

Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-11-16 Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices GE Intelligent Platforms, Inc. Tested Versio...

Open Proficy HMI-SCADA 5.0.0.25920 - (Password) Denial of Service Exploit

Exploit Title: Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://apps.apple.com/us/app/proficyscada/id525792142 Software Link: App Store for iOS devices GE Intelligent Platforms, Inc. Tested Version: 5.0.0.25920 Vulnerabilit...

In-the-wild iOS Exploit Chain 1

Posted by Ian Beer, Project Zero TL;DR This exploit provides evidence that these exploit chains were likely written contemporaneously with their supported iOS versions; that is, the exploit techniques which were used suggest that this exploit was written around the time of iOS 10. This suggests...

iOS devices failing to enrol via NetScaler after upgrade to 11.1 60.13

After upgrading NetScaler to 11.1 60.13, iOS devices are no longer able to enroll However, Android devices are not affected. iPhone X can enroll but can't access the Store iPhone 7 can't enroll at all Checking the logs, we would be able to see the below, when iOS attempts to enroll: "AAA Client...

Trend Micro Virtual Mobile Infrastructure 5.5.1336 Denial Of Service

Exploit Title: Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-09-01 Vendor Homepage: http://www.trendmicro.com.tr/media/ds/virtual-mobile-infrastructure-datasheet-en.pdf Software Link: App Store for iOS...

Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)

Exploit Title: Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-09-01 Vendor Homepage: http://www.trendmicro.com.tr/media/ds/virtual-mobile-infrastructure-datasheet-en.pdf Software Link: App Store for iOS...

Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)

Exploit Title: Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-09-02 Vendor Homepage: https://www.symantec.com/ Software Link: https://itunes.apple.com/mx/app/symantec-mobile-encryption/id450235714?mt=8 Tested Version:...

Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service (PoC)

Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service PoC Exploit Title: Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-08-29 Vendor Homepage: https://www.cisco.com/ Softwar...

Trend Micro Enterprise Mobile Security 2.0.0.1700 - Servidor Denial of Service Exploit

Exploit for iOS platform in category dos / poc Exploit Title: Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.trendmicro.com/ense/business/products/user-protection/sps/mobile.html Software Link: App Stor...

Trend Micro Enterprise Mobile Security 2.0.0.1700 - Servidor Denial of Service (PoC)

Trend Micro Enterprise Mobile Security 2.0.0.1700 - Servidor Denial of Service PoC Exploit Title: Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2018-08-26 Vendor Homepage:...

Chain of 11 Bugs Takes Down Galaxy S8 at Mobile Pwn2Own

The mobile version of the annual Pwn2Own contest wrapped up today in Tokyo with an unprecedented attack chain leveling the Samsung Galaxy S8. Researchers from MWR Labs used 11 vulnerabilities across six different mobile applications to execute code on Samsung’s flagship device and exfiltrate data...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 23, 2017

Just like Bugs Bunny wears disguises to avert his enemies, there’s another “wascally” rabbit causing trouble in the form of ransomware. Bad Rabbit is the latest ransomware campaign hitting Eastern European countries with what looks like a variant of the Petya/NotPetya ransomware. Bad Rabbit sprea...