231 matches found
Exploit for CVE-2020-1349
CVE-2020-1349 This vulnerability occurs in Outlook 2019 16.0...
MMS Exploit Part 3: Constructing the Memory Corruption Primitives
Posted by Mateusz Jurczyk, Project Zero This post is the third of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published a...
MMS Exploit Part 2: Effective Fuzzing of the Qmage Codec
Posted by Mateusz Jurczyk, Project Zero This post is the second of a multi-part series capturing my journey from discovering a vulnerable little-known Samsung image codec, to completing a remote zero-click MMS attack that worked on the latest Samsung flagship devices. New posts will be published ...
Exploit for Incorrect Calculation in Google Android
BluefragCVE-2020-0022 This is a RCE bluetooth vulnerability o...
Sneaky Zero-Click Attacks Are a Hidden Menace
Hacks that can play out without any user interaction may be more common than we realize, in part because they’re so difficult to detect...
iOS Mail bug allows remote zero-click attacks
On Monday, ZecOps released a report about a couple concerning vulnerabilities with the Mail app in iOS. These vulnerabilities would allow an attacker to execute arbitrary code in the Mail app or the maild process that assists the Mail app behind the scenes. Most concerning, though, is the fact th...
Zero-Day Warning: It's Possible to Hack iPhones Just by Sending Emails
Watch out Apple users! The default mailing app pre-installed on millions of iPhones and iPads has been found vulnerable to two critical flaws that attackers are exploiting in the wild, at least, from the last two years to spy on high-profile victims. The flaws could eventually let remote hackers...
Exploit Reseller Offering Up To $2.5 Million For Android Zero-Days
Well, there's some good news for hackers and vulnerability hunters, though terrible news for Google, Android device manufacturers, and their billions of users worldwide. The zero-day buying and selling industry has recently taken a shift towards Android operating system, offering up to $2.5 milli...
Apple will now pay hackers up to $1 million for reporting vulnerabilities
Apple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday. One of the most attractive updates is… Apple has enormously increased the maximum reward for its bug bounty program from $200,000 t...
The Fully Remote Attack Surface of the iPhone
Posted by Natalie Silvanovich, Project Zero While there have been several rumours and reports of fully remote vulnerabilities affecting the iPhone being used by attackers in the last couple of years, limited information is available about the technical details of these vulnerabilities, as well as...
PT-2019-6103 · Facebook · Whatsapp Business For Ios +5
Name of the Vulnerable Software and Affected Versions: WhatsApp versions prior to 2.19.134 Android WhatsApp Business versions prior to 2.19.44 Android WhatsApp versions prior to 2.19.51 iOS WhatsApp Business versions prior to 2.19.51 iOS WhatsApp versions prior to 2.18.348 Windows Phone WhatsApp...