Posts Tagged ‘exploit’

Text message exploit can force your Nexus phone to reboot

Google Nexus 5

Watch out if someone sends a flood of text messages to your Nexus phone — they may be trying to break in or otherwise cause havoc. IT administrator Bogdan Alecu has discovered an Android bug that triggers exploitable behavior in the Galaxy Nexus, Nexus 4 and Nexus 5 whenever they’re hit by a large volume of Class 0 SMS messages, or texts that aren’t automatically stored on the phone. The denial of service attack usually forces the handset to reboot, but it can also disable the network connection (if temporarily) or crash the messaging app. Non-Nexus hardware appears to be safe, although Alecu notes that he hasn’t had a chance to test a wide variety of gadgets. Regardless of the problem’s scale, affected users will have to be cautious for a while; Google tells PCWorld that it’s looking into the exploit, but there’s no word on just when we can expect a patch.

Filed under: , ,


Via: PCWorld

Source: DefCamp

Related Posts:

Microsoft pays $100,000 bounty for discovery of Windows 8.1 exploit

Microsoft said it would pay up to a $ 100,000 bounty to researchers who found exploits in Windows 8.1, and it’s putting its money where its mouth is. The company just paid the full hundred grand to Context Information Security’s James Forshaw for discovering a defense circumvention technique. While …

Related Posts:

Employee creates Bitcoin botnet to exploit ESEA’s 500,000-member gaming community


The ESEA gaming network has been exploiting its users’ powerful graphics cards to mine Bitcoins without their knowledge. The mining began on April 13th and affected thousands of gamers, who unwittingly mined over $ 3,700 worth of the currency. ESEA, which describes itself as “the largest competitive video gaming community in North America,” wasn’t aware that the Bitcoin mining was taking place, and blames the behavior on a rogue employee out for personal gain.

The full story on how and why the Bitcoin-mining software made its way to users’ computers isn’t yet available, but ESEA had been exploring the idea of adding a Bitcoin mining option to its client. The idea was canned on April 12th, but the next day, the rogue employee secretly…

Continue reading…

Related Posts:

Microsoft offers fix for exploit that could hijack PCs running old versions of IE

Microsoft Logo 2 (Verge Stock)

Microsoft is today resolving a nasty vulnerability that targets old versions of Internet Explorer and allowed a user’s PC to be overtaken if the browser was steered to select malicious websites. After it was initially found last month, Microsoft offered up a few workarounds and a standalone patch to avoid the flaw, which threatens versions 6, 7, and 8 of Internet Explorer. But today’s security update should eliminate the vulnerability for good. Microsoft says that to date, just a “limited number” of customers have fallen victim to the zero-day exploit, but admits ” the potential exists that more customers could be affected in the future.” As such, the update has been designated critical and will be automatically installed for users that…

Continue reading…

Related Posts:

Facebook dodges potential ‘peeping Tom’ webcam exploit thanks to bug hunters

Facebook Password lock

It appears that Facebook has actually dodged a rather significant security mishap that would have permitted hackers to remotely and secretly trigger individual webcams and publish the taped video to their profiles. According to Bloomberg, a pair of researchers at XY Safety found this bug in July and sent it to Facebook, who paid the pair $ 2,500 in cash for their efforts– that’s five times the typical going rate Facebook provides for bugs individuals submit, an admission that the bug was particularly severe. A Facebook spokesperson told Bloomberg that it found no individuals were affected when it closed the hole, but it’s still a possibly significant flaw the company need to be pleased it fixed before things got awful. “This susceptability, like lots of others we …

Continue reading & hellip;

Related Posts:

Samsung Exynos Memory Bug Abuse Root Exploit

Thanks to the Samsung Exynos Memory Bug Abuse Exploit I have now rooted my Samsung Galaxy S3 4G (GT-I9305). It’s very easu to do by installing this .apk: That app is called Exynos Abuse and is meant to patch the exploit, but with just one click you can also root / unroot your phone! Incredibly cool :) Please subscribe to my YouTube channel: Google+: Videos: Twitter: FaceBook: Blog: My Equipment: Just my iPhone 5, Samsung Galaxy S3 4G, Logitech PRO Web Cam, 11-inch MacBook Air and Final Cut Pro :)

Related Posts:

The Defense Intelligence Agency Is Looking For Contractors To Help It Exploit Mobile Devices


The U.S. Protection Cleverness Company is searching for a few good specialists to help it kick up its mobile info gathering capabilities, according to a brand-new request for information (RFI) uploaded to its website Dec. 12 and detected today by Tough Wireless. The request has the government organization getting information sources for innovation aspired at exploiting digital media and hardware, with an unique request for exploitation of mobile gadgets with methods not generally offered on the industrial market.

The request looks to be a basic effort by the government to locate methods of much better opening the potential of details on cellular phone and tablets. The rush to mobile isn ’ t simply something that startups and established businesses are trying to keep up with, in other words; the USA government wishes in on the action, too.

The RFI is pretty broad general, covering not just mobile, but additionally “ exploitation systems in Windows, Mac OS, and Linux. On the whole, it appears like a rather simple ask for outsider experience in hacking and digital cleverness. But the mobile section looks like essentially an admission that really valuable initiatives on this front would take the form of transportable gadgets that would be able to collect details from exploited media information sources.

Here ’ s what the entire thing has me reasoning of: the scene in every episode of Person of Interest where Jim Caviezel pairs his very own mobile phone with his target ’ s, permitting him to hear and see any sort of activity on that gadget entirely unnoticed. Isn ’ t that real yet? If it isn ’ t, the government appears to desire some outside assistance to make it so.

Related Posts:

Security exploit opens Samsung Galaxy S III, Note II to attack, could let apps from Google Play write to Kernel

Security exploit opens Samsung Galaxy S III, Note II to attack, could let apps from Google Play write to Kernel

Amidst the XDA area’s continuous mission to root every Android smartphone it discovers, one online forum user appears to have actually found a significant exploit that influences certain Exynos gadgets. While fiddling with his Galaxy S III, XDA individual Alephzain found a means to obtain root without flashing with Odin. The Samsung bit evidently enables read / compose access to all physical memory on the device, including the bit itself. This produces an easy root, Alephzain writes, but leaves devices open to attack– enabling Bit code treatments and RAM disposes of from malware-laden applications from the Google Play store.

It isn’t really the only avenue for attack on an Android mobile phone, however it is an extremely easy attack. The good news is, an area cultivated fix appears rather simple too– XDA user RyanZA has actually already developed a patch to customize write consents on affected gadgets– though Galaxy S III users are stating that the fix cripples the phone’s camera app. So far, Alephzain has actually confirmed that the Galaxy S II, III, Note II and the Meizu MX are at risk, but keeps in mind that the exploit might deal with any type of device running a Exynos 4210 or 4412 processor. Samsung has not yet made a remark about the susceptability, however forum participants state that the problem has actually been reported. As for the exploit’s lasting effects? Head on over to the XDA forums to sign up with the discussion.

Filed under: , , ), (2)

Related Posts:

New Java exploit puts 1 billion Macs and PCs at risk

Java logo

A new zero-day vulnerability has been discovered in all currently-supported versions of Oracle’s Java software, potentially allowing attackers to install malware on around 1 billion Macs and PCs. Announced on the Full Disclosure mailing list by security researcher Adam Gowdiak yesterday, the bug is present in Java 5, Java 6, and Java 7 — as Computerworld points out, it is particularly significant for users of versions of Mac OS X up to and including Snow Leopard 10.6, which come bundled with the software. The 1 billion figure is taken from installation statistics provided by Oracle.

Technical details of the vulnerability have not been publicly disclosed, and Gowdiak emphasizes that he has handed all details, including the source code…

Continue reading…

Related Posts:

Microsoft issues fix for Internet Explorer malware exploit, promises full patch by Friday

Internet Explorer zero-day vulnerability (Metasploit)

Just a few short days after identifying a security exploit in multiple versions Internet Explorer, Microsoft has issued a Windows fix it to resolve the issue, with a comprehensive update planned for this Friday. The vulnerability, which was discovered on Monday, put millions of machines at risk by allowing malware to bypass existing security protocols via a specially crafted Flash animation. While it’s exact origins remain unknown, the exploit was believed to have been propagated by the same hacker group that launched the zero-day Java vulnerability last month. While the fix it offers immediate protection, Microsoft urges all Internet Explorer users to download and install their forthcoming security update when it becomes available via…

Continue reading…

Incoming search terms:

Related Posts:

Featured Products

Gruvisoft Donations