{"id": "VULNERABLE:412", "vendorId": null, "type": "vulnerlab", "bulletinFamily": "exploit", "title": "HITB2011KUL - Hacking Androids for Profit", "description": "", "published": "2012-02-02T00:00:00", "modified": "2012-02-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.vulnerability-lab.com/get_content.php?id=412", "reporter": "Riley Hassell is an internationally recognized security professional. He is an industry expert in the fields \r\nof application security assessment, software reverse engineering and malware analysis. Mr. Hassell discovered \r\nand disclosed many of the most critical software vulnerabilities known. Throughout the year 2000 and 2001 he \r\nwas responsible for several critical vulnerabilities, each having major repercussions on the security industry \r\nat large.\r\n\r\nMr. Hassell was responsible for the discovery of the first critical remote vulnerabilities in Windows 2000 and \r\nWindows XP. He also discovered the vulnerability that triggered the Code Red Internet worm. His initial dissection \r\nof the worm was used to develop and put in place protective measures to safeguard the network targeted by Code Red, \r\nthe Whitehouse public network. Taking his research a step further he forecast future worm technologies and presented \r\nduring presentations at the Blackhat security conference. During the year 2002 Mr. Hassell performed an assessment \r\nof the popular security products. During his assessment he discovered critical vulnerabilities in several leading \r\nsecurity products, pushing security vendors to take a second look at their software.\r\n\r\nMr. Hassell spent the following several years working with startup ventures to pioneer product technologies in the \r\npatch management, intrusion prevention, vulnerability analysis and malware analysis fields. Following his employment \r\nat iSEC he founded Privateer Labs and refocused his combined expertise to the emerging threats of the mobile landscape.", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2021-12-20T08:14:56", "viewCount": 2, "enchantments": {"dependencies": {}, "score": {"value": 0.0, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.0}, "sourceData": "Document Title:\r\n===============\r\nHITB2011KUL - Hacking Androids for Profit\r\n\r\n\r\nReferences:\r\n===========\r\nDownload:\thttp://www.vulnerability-lab.com/resources/videos/412.wmv\r\nView: \t\thttp://www.youtube.com/watch?v=QizOQjsjLq4\r\n\r\n\r\n\r\nRelease Date:\r\n=============\r\n2012-02-02\r\n\r\n\r\nVulnerability Laboratory ID (VL-ID):\r\n====================================\r\n412\r\n\r\n\r\nDiscovery Status:\r\n=================\r\nPublished\r\n\r\n\r\nExploitation Technique:\r\n=======================\r\nEvent\r\n\r\n\r\nSeverity Level:\r\n===============\r\nMedium\r\n\r\n\r\nTechnical Details & Description:\r\n================================\r\nWe will reveal new threats to Android Apps, and discuss known and unknown weaknesses in \r\nthe Android OS and Android Market. This presentation will offer insight into the inner \r\nworking of Android apps and the risks any user faces when installing and using apps from \r\nthe marketplace. We will reveal previously undisclosed vulnerabilities in vendor apps \r\ninstalled on millions of US mobile phones and techniques to evade all available security solutions.\r\n\r\n\r\nCredits & Authors:\r\n==================\r\nRiley Hassell is an internationally recognized security professional. He is an industry expert in the fields \r\nof application security assessment, software reverse engineering and malware analysis. Mr. Hassell discovered \r\nand disclosed many of the most critical software vulnerabilities known. Throughout the year 2000 and 2001 he \r\nwas responsible for several critical vulnerabilities, each having major repercussions on the security industry \r\nat large.\r\n\r\nMr. Hassell was responsible for the discovery of the first critical remote vulnerabilities in Windows 2000 and \r\nWindows XP. He also discovered the vulnerability that triggered the Code Red Internet worm. His initial dissection \r\nof the worm was used to develop and put in place protective measures to safeguard the network targeted by Code Red, \r\nthe Whitehouse public network. Taking his research a step further he forecast future worm technologies and presented \r\nduring presentations at the Blackhat security conference. During the year 2002 Mr. Hassell performed an assessment \r\nof the popular security products. During his assessment he discovered critical vulnerabilities in several leading \r\nsecurity products, pushing security vendors to take a second look at their software.\r\n\r\nMr. Hassell spent the following several years working with startup ventures to pioneer product technologies in the \r\npatch management, intrusion prevention, vulnerability analysis and malware analysis fields. Following his employment \r\nat iSEC he founded Privateer Labs and refocused his combined expertise to the emerging threats of the mobile landscape.\r\n\r\n\r\nDisclaimer & Information:\r\n=========================\r\nThe information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, \r\neither expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-\r\nLab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business \r\nprofits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some \r\nstates do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation \r\nmay not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases \r\nor trade with fraud/stolen material.\r\n\r\nDomains: www.vulnerability-lab.com \t- www.vuln-lab.com\t\t\t - www.vulnerability-lab.com/register\r\nContact: admin@vulnerability-lab.com \t- support@vulnerability-lab.com \t - research@vulnerability-lab.com\r\nSection: video.vulnerability-lab.com \t- forum.vulnerability-lab.com \t\t - news.vulnerability-lab.com\r\nSocial:\t twitter.com/#!/vuln_lab \t\t- facebook.com/VulnerabilityLab \t - youtube.com/user/vulnerability0lab\r\nFeeds:\t vulnerability-lab.com/rss/rss.php\t- vulnerability-lab.com/rss/rss_upcoming.php - vulnerability-lab.com/rss/rss_news.php\r\n\r\nAny modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. \r\nPermission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other \r\nmedia, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, sourcecode, videos and \r\nother information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), \r\nmodify, use or edit our material contact (admin@vulnerability-lab.com or support@vulnerability-lab.com) to get a permission.\r\n\r\n \t\t\t\t \tCopyright \u00a9 2012 | Vulnerability Laboratory\r\n\r\n\r\n\r\n", "category": "IT-Security Videos", "_state": {"dependencies": 1646129072, "score": 1659853389, "epss": 1679174273}, "_internal": {"score_hash": "fb4be80b5ac60baac5a18a4994965a6f"}}
HITB2011KUL - Hacking Androids for Profit