Lucene search
K

5 matches found

ThreatPost
ThreatPost
added 2016/10/06 10:0 a.m.17 views

Mobile App Collusion Can Bypass Native Android Security

DENVER – Android’s native security mechanisms, most notably application sandboxing, secure devices against threats from one app at a time. Multiple apps however, can collude in different ways and bypass these protections. Researchers on Wednesday at the 26th Virus Bulletin International Conferenc...

7AI score
Exploits0References1
seebug.org
seebug.org
added 2015/11/05 12:0 a.m.50 views

百度 moplus SDK 后门 (WormHole 虫洞)

报告来源:趋势科技 目前,人们之所以称之为漏洞是基于 Moplus SDK 的访问权限控制以及应该如何限制这种访问的角度。因此,它虽然具有漏洞相关的概念而实际上是一个后门程序,如推送钓鱼网页,插入任意联系人,发送伪造短信,上传本地文件到远程服务器,未经用户授权安装任意应用到 Android 设备。而执行这些行为唯一的要求是该设备首先需要连接互联网。由于 Moplus SDK 已经被集成到众多的 Android 应用程序中,这就意味着有上亿的Android用户受到了影响。 图1.恶意软件使用的 Moplus SDK 来进行静默安装 通过 Moplus SDK 挖掘 Moplus...

7.1AI score
Exploits0
myhack58
myhack58
added 2015/11/05 12:0 a.m.32 views

Baidu really fixed all of the WormHole vulnerability?-vulnerability warning-the black bar safety net

You can’t have a back door in the software because you can’t have a back door that's only for the good guys.“ - Apple CEO Tim Cook You should not give software to install the back door, because you can't guarantee that this Backdoor only the good guys can use the--Apple CEO cook 0×0 developments...

0.1AI score
Exploits0
myhack58
myhack58
added 2015/11/04 12:0 a.m.21 views

Baidu Department of Applied WormHole vulnerability details analysis-vulnerability warning-the black bar safety net

Baidu moplus SDK is called a wormhole(Wormhole of vulnerability was reported after the“a ripple”, it is implanted into 1 4 0 0 0 app, these apps have close to 4 0 0 0 A are by Baidu produced. The vulnerability is a vulnerability reporting platform black bar safety net vulnerability bulletins foun...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2015/11/03 2:11 a.m.15 views

Backdoor in Baidu Android SDK Puts 100 Million Devices at Risk

The China's Google-like Search Engine Baidu is offering a software development kit SDK that contains functionality that can be abused to give backdoor-like access to a user's device, potentially exposing around 100 Million Android users to malicious hackers. The SDK in question is Moplus, which m...

7AI score
Exploits0
Rows per page
Query Builder