EUVD-2012-3691

Malware in sbrugna...

Alert: Chinese-Speaking Hackers Pose as UAE Authority in Latest Smishing Wave

The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages with the ultimate goal of gathering sensitive information from residents and foreigners in the country...

Uber security alert scam spoofs real Uber number—Watch out!

This morning Malwarebytes Labs received a scam masquerading as a security alert from Uber. The alert was pretty convincing and used the kind of language were used to seeing in genuine security emails and SMS messages. It read: Your Uber account was recently logged into from iPhone in London. If...

Twitter Downplays SMS-Spoofing Issue

Twitter officials say that a researcher’s claims that the service is open to an SMS-spoofing vulnerability are not completely accurate, and that Twitter users in the United States are not vulnerable to the attack. Moxie Marlinspike of Twitter’s security team said that the company in August had...

Twitter Resolves SMS Bug (For Some Users)

UPDATE–A day after an independant security researcher disclosed a vulnerability in SMS-enabled Twitter accounts, the social network giant announced it’s fixed the flaw – at least for some users. Those who use a “long code” and/or cannot use a PIN code remain at risk. The update came Tuesday eveni...

Twitter SMS-Spoofing Bug Allows Attackers to Send Tweets From Users' Accounts, Edit Profiles

There is a bug in the way that Twitter handles a feature that enables users to post messages via SMS and the researcher who discovered the bug says that it allows anyone who knows a user’s mobile number to not only tweet from the user’s account but also modify information in the user’s profile. T...

CVE-2012-3744

Telephony in Apple iOS before 6 uses an SMS message's return address as the displayed sender address, which allows remote attackers to spoof text communication via a message in which the return address does not match the originating address...

CVE-2012-3744

Telephony in Apple iOS before 6 uses an SMS message's return address as the displayed sender address, which allows remote attackers to spoof text communication via a message in which the return address does not match the originating address...

CVE-2012-3744

CVE-2012-3744 is an iOS Telephony vulnerability where an SMS message may spoof the sender by the message’s return address being displayed as the sender. Connected Apple security documentation confirms this CVE and indicates the issue was addressed in iOS 6 via Apple’s update, so the remediation i...

iPhone SMS spoofing vulnerability disclosure-vulnerability warning-the black bar safety net

Vulnerability description: 4 days ago Pod2g issued a document to Never trust SMS: iOS text spoofin http://pod2g-ios.blogspot.com/2012/08/never-trust-sms-ios-text-spoofing.html The vulnerability can affect all iOS version including the latest iOS 6 beta 4 to. And cloth use the program:...

Apple iOS SMS伪造漏洞

Apple iOS是一款苹果公司开发的移动设备上的操作系统。 Apple iOS上的SMS存在安全漏洞，允许攻击者获取敏感信息或进行伪造攻击。 SMS消息的文本负载中，UDH User Data Header段是一个可选的，但定义了很多手机不兼容的高级功能。其中有个选项允许用户更改文本的回复地址，如果目的手机兼容此消息，并且如果接收者尝试回复文本，那么他就不会回应原来的号码，而是指定的那个。大多数运营商不会检查这部分消息，这意味着攻击者可以任意指定此段，如修改为911或其他号码。 要利用这个SMS漏洞，需要攻击者可以RAW PDU格式发送文本。 0 Apple iOS 厂商解决方案...

Serious Security Flaw : iPhone Bug Allows SMS Spoofing

A rather serious security flaw in the iPhone's SMS messaging system has been discovered and revealed by well-known security researcher and jailbreak extraordinaire 'pod2g'. Security flaw affecting all iPhones that he says could facilitate hackers or thieves to access your personal information. Th...

Researcher Finds iPhone Bug Allows SMS Spoofing

The iPhone SMS app contains a quirky bug that could allow someone to send a user a text message that appears to come from any number that the sender specifies. The researcher who discovered the bug said that it could be used by attackers to spoof messages from a bank or credit card company and se...