Posts Tagged ‘mobile’

Oh Gosh! Four Zero Day Vulnerabilities Disclosed in Internet Explorer

Monday, July 27th, 2015

How many Zero-Days do you think could hit Microsoft today? Neither one nor two; this times its Four.

The Hewlett-Packard’s Zero-Day Initiative (ZDI) has disclosed four new zero-day vulnerabilities in Microsoft’s Internet Explorer browser that could be exploited to remotely execute malicious code on victim’s machine.

All the four zero-days originally were reported to Microsoft, affecting Internet Explorer on the desktop. However, later it was discovered that the zero-day vulnerabilities affected Internet Explorer Mobile on Windows Phones as well.

Each of the four zero-day flaws affects different components of the browser, and all are remotely exploitable through typical drive-by attacks.

Four Zero-day vulnerabilities Disclosed by ZDI

Here are the zero-day vulnerabilities, as reported by ZDI:

ZDI-15-359: AddRow Out-Of-Bounds Memory Access Vulnerability

ZDI-15-360: Use-After-Free Remote Code Execution Vulnerability

ZDI-15-361: Use-After-Free Remote Code Execution Vulnerability

ZDI-15-362: Use-After-Free Remote Code Execution Vulnerability

The most critical vulnerability out of the four bugs is the AddRow Out-Of-Bounds Memory Access flaw that affects the way Internet Explorer handles some specific arrays.

“The vulnerability relates to how Internet Explorer processes arrays representing cells in HTML tables,” says the advisory issued by the Zero Day Initiative. “By manipulating a document’s elements an attacker can force the Internet Explorer (IE) to use memory past the end of an array of HTML cells. An attacker can leverage this vulnerability to execute code under the context of the current process.”

Another vulnerability the company disclosed is a bug in how Internet Explorer handles CAttrArray objects. The vulnerability could allow an attacker to manipulate a document’s elements in an attempt to force a free dangling pointer to be reused, leveraging the attacker to execute malicious code on victim’s machine.

The two other zero-days are similar as they involve Internet Explorer mishandling CTreePos and CCurrentStyle objects in some circumstances. This leads to a dangling pointer that a remote attacker can reuse, allowing them to execute arbitrary code on the vulnerable machine.

Microsoft has fixed all the four zero-day vulnerabilities in the desktop version of its browser, but the flaws remain open on Internet Explorer Mobile.

HP’s Zero Day Initiative does not slack with its 120-day disclosure policy. It notified Microsoft of the first zero-day flaw on November 12, 2014, and extended the disclosure deadline to May 12, 2015, then again to July 19. However, with no patch forthcoming, ZDI went public on July 22.

via Oh Gosh! Four Zero Day Vulnerabilities Disclosed in Internet Explorer.

What is Freak? Security bug affects hundreds of millions of iPhone, iPad and Android users

Wednesday, March 4th, 2015

Researchers have uncovered the latest vulnerability in the way our data is protected online, with the Freak bug potentially putting hundreds of millions of smartphone and tablet users at risk.

The bug, which affects HTTPS encrypted communication online, has been around for decades, but was only uncovered on 3 March, 2015. If exploited the bug could give hackers access to your personal data including login details and evening banking information.

Here, we break down just what Freak is, how it works, and who is vulnerable:

What is Freak?

Freak is the latest security flaw to be discovered in the cryptographic protocols which are used to encrypt your online communications – known as SSL and TLS.

The vulnerability is in particular found in OpenSSL, the same protocol which was at the centre of the Heartbleed controversy last year.

Who discovered it?

The vulnerability, which has been around since the 1990s, was only discovered on Tuesday, 3 March by researchers at the French Institute for Research in Computer Science and Automation, Microsoft Research and IMDEA.

Why has Freak been around for so long?

The problem dates back to the early 1990s when the US government decided that it wanted to weaken the encryption standards on products being shipped overseas by US companies.

It required the companies to downgrade the encryption being used from strong RSA grade encryption to “export-grade” encryption. At the time this “export-grade” encryption was still relatively strong, requiring a supercomputer to be able to crack the 512-bit encryption key, meaning only the US government were likely to be able to exploit the vulnerability.

However with the rapid advance in computing, this is no longer the case, and with access to huge computing power through the likes of Amazon’s cloud computing service AWS, anyone could potentially exploit the Freak bug.

As renowned cryptographer Matthew Green says:

The export-grade RSA ciphers are the remains of a 1980s-vintage effort to weaken cryptography so that intelligence agencies would be able to monitor. This was done badly. So badly, that while the policies were ultimately scrapped, they’re still hurting us today. Encryption backdoors will always turn around and bite you in the ass. They are never worth it.

Who is vulnerable to a Freak attack?

iPhone 6 Review
The Safari browser on Apple’s iPhones and iPads is vulnerable to attack(IBTimes UK)

According to the researchers on the user side, Apple’s Safari web browser on its iPhone, iPad and Mac devices is vulnerable as well as almost all versions of Android as Google uses the OpenSSL protocol in its mobile operating system. That means that potentially hundreds of millions of people are at risk.

The Chrome desktop browser, Microsoft’s Internet Explorer or Mozilla’s Firefox are not vulnerable.

On the server side, according to researchers, just shy of 10% of the internet’s top million websites are vulnerable. This is down from 12.2% on Tuesday, meaning that website administrators seem to be fixing the problem.

There are however still many major websites including banking, media and government sites which are affected. These include the websites of American Express, Business Insider, Bloomberg, the Marriot hotel group and indeed IBTimes UK.

The list previously included the FBI’s website for anonymous informants, but this is no longer vulnerable it would seem. However the whitehouse.gov website remains vulnerable.

The full list can be found here.

 

via What is Freak? Security bug affects hundreds of millions of iPhone, iPad and Android users.

Record-breaking 1Tbps Speed achieved Over 5G Mobile Connection – Hacker News

Thursday, February 26th, 2015

New Generations usually bring new base technologies, more network capacity for more data per user, and high speed Internet service, for which Internet service providers usually advertise. However, it is believed that the fifth generation (5G Technology) of mobile network will be beyond our thoughts.1TBPS OVER 5GSecurity researchers from the University of Surrey have just achieved Record-Breaking data speeds during a recent test of 5G wireless data connections, achieving an incredible One Terabit per second (1Tbps) speed – many thousands of times faster than the existing 4G connections.After 4G, 5G is the next generation of mobile communication technology that aims at offering far greater capacity and be faster, more energy-efficient and more cost-effective than anything that has seen before. The boffins say 5G will be different – very different.The 5G test was conducted at the university’s 5G Innovation Centre (5GIC), which was founded by a host of telecoms industry partners including Huawei, Fujitsu, Samsung, Vodafone, EE, Aircom, BT, Telefonica, Aeroflex, BBC and Rohde & Schwarz.

via Record-breaking 1Tbps Speed achieved Over 5G Mobile Connection – Hacker News.

Hacking Gmail App with 92 Percent Success Rate

Wednesday, August 27th, 2014
The team of researchers – Zhiyun Qian, of the University of California, Riverside, and Z. Morley Mao and Qi Alfred Chen from the University of Michigan – will present its paper, “Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks” (PDF), at the USENIX Security Symposium in San Diego on August 23.
The paper detailed a new type of hack method, which they call a UI [user interface] state interference attack – running the malicious app in the background without users’ knowledge. You can watch some short videos of the attacks in action below.

The team of researchers – Zhiyun Qian, of the University of California, Riverside, and Z. Morley Mao and Qi Alfred Chen from the University of Michigan – will present its paper, “Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks” (PDF), at the USENIX Security Symposium in San Diego on August 23rd.
via Hacking Gmail App with 92 Percent Success Rate.

Android iOS Market Share: July 2014 sees Android top iOS | BGR

Friday, August 1st, 2014

samsung s5

We all know Android’s market share crushes every other mobile platform out there in terms of shipment volume, but Android’s share of mobile usage as recorded by various networks around the world has always lagged Apple’s iOS platform… until now.

Just as we noted would be the case, Net Applications shows that Android’s share of global smartphone and tablet usage has narrowly topped worldwide combined usage of iPhones and iPad tablets. This marks the first time in the platform’s history that it finds itself at the top of the mobile pile.

Net Applications measure global mobile usage, which it refers to as market share, by monitoring traffic across its massive global network.

Screen Shot 2014-08-01 at 9.21.48 AM

In the month of July, the firm shows that Android’s usage share jumped to 44.62% from 43.75% in June. As Android was gaining almost a point, iOS’s share of global mobile usage dipped to 44.19% in July from 45.61% in June.

via Android iOS Market Share: July 2014 sees Android top iOS | BGR.

Undocumented iOS Features left Hidden Backdoors Open in 600 Million Apple Devices

Tuesday, July 22nd, 2014

ios vulnerable

A well known iPhone hacker and forensic scientist has unearthed a range of undocumented and hidden functions in Apple iOS mobile operating system that make it possible for a hacker to completely bypass the backup encryption on iOS devices and can steal large amounts of users’ personal data without entering passwords or personal identification numbers.Data forensics expert named Jonathan Zdziarski has posted the slides PDF titled “Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices” showing his findings, from his talk at the Hackers On Planet Earth HOPE X conference held in New York on Friday.Jonathan Zdziarski, better identified as the hacker "NerveGas" in the iPhone development community, worked as dev-team member on many of the early iOS jailbreaks and is also the author of five iOS-related O’Reilly books including "Hacking and Securing iOS Applications."The results of his overall research on the iOS devices indicate a backdoor into iOS device’ operating system, although it is not at all that much widely open as a number of reports have suggested.You can protect your iOS device settings, Messages, Camera Roll, documents, saved games, email account passwords, Wi-Fi passwords, and passwords that you enter into websites using iTunes Backup feature. iTunes also allows users to protect their backup data with an encryption.

via Undocumented iOS Features left Hidden Backdoors Open in 600 Million Apple Devices.

First Android Ransomware that Encrypts SD Card Files

Monday, June 9th, 2014

 

android ransomware virus

We have seen cybercriminals targeting PCs with Ransomware malware that encrypts your files or lock down your computer and ask for a ransom amount to be paid in a specified duration of time to unlock it.

To deliver the Ransomware malwares to the mobile devices, cyber criminals have already started creating malicious software programs for android devices. Last month, we reported about a new Police Ransomware malware that locks up the devices until the victims pay a ransom to get the keys to unlock the phone. But, the malware just lock the mobile screen and a loophole in the its implementation allowed users to recover their device and data stored on SDcard.
Now, in an effort to overcome this, threat actors have adopted encryption in the development of mobile Ransomware malwares. Recently, the security firm ESET has discovered a new Android ransomware, dubbed as Android/Simplocker.A, that has ability to encrypt the files on the device SD card and then demand a ransom from the victim in order to decrypt those files.
Once installed, the malware scans the SD card for certain file types such as image, document or video with extensions – jpeg, jpg, png, bmp, gif, pdf, doc, docx, txt, avi, mkv, 3gp, mp4 and encrypts them using AES in a separate thread in the background. After encrypting the files, the malware displays the following ransom message, written in Russian, which clearly means that this threat is targeting Russian Android users.

WARNING your phone is locked!
The device is locked for viewing and distributing child pornography , zoophilia and other perversions.
To unlock you need to pay 260 UAH.
1.) Locate the nearest payment kiosk.
2.) Select MoneXy
3.) Enter {REDACTED}.
4.) Make deposit of 260 Hryvnia, and then press pay. Do not forget to take a receipt!
After payment your device will be unlocked within 24 hours. In case of no PAYMENT YOU WILL LOSE ALL DATA ON your device!

The Ransomware malware directs victim to pay the ransom amount i.e. 260 UAH, which is roughly equal to $21 US, through the MoneXy service, as this payment service is not easily traceable as the regular credit card.
mobile virus
To maintain anonymity the malware author is using the Command-and-Control server hosted on TOR .onion domain and the malware sends the information of the infected device such as IMEI number to its server. The researchers at ESET are still analysing the malware:

Our analysis of the Android/Simplock.A sample revealed that we are most likely dealing with a proof-of-concept or a work in progress – for example, the implementation of the encryption doesn’t come close to “the infamous Cryptolocker” on Windows.

The researchers have found that the malware is capable to encrypt the victim’s files, which could be lost if the decryption key is not retrieved from the malware author by paying the ransom amount, but on the other hand the researchers strongly advise users against paying fine, as their is no guarantee that the hacker will provide you decryption keys even after paying the amount.
Unfortunately, mobile antivirus products are only capable to detect such known/detected threats only and can’t detect similar the new threats. So, it is important for you to always keep the back-up of all your files either manually on the computer system or use cloud backup services like dropbox, google drive etc, in order to protect it from the emerging threats.

via First Android Ransomware that Encrypts SD Card Files – The Hacker News.

Google Opens Glass Sales to Everyone | Fox Business

Wednesday, May 14th, 2014

google glass

Google (GOOG) really knows how to drum up buzz ahead of a launch.

For the second time in a month, the company is expanding its Explorer Program for still-in-beta Glass, allowing anyone in the U.S. to purchase the device for $1,500 ahead of its full rollout later this year.

“We learned a lot when we opened our site a few weeks ago, so we’ve decided to move to a more open beta,” the Mountain View, Calif.-based tech darling wrote on Google Plus late Tuesday.

Google was sure to note, however, that Glass is still in beta mode as it sorts out kinks and perfects the device’s hardware and software.

IHS senior director Andrew Rassweiler says the Google Glass of today still feels “like a prototype,” but that chip makers are expected to offer more integrated chipsets that will “greatly improve” the device’s performance, processing, weight and size once it is mass marketed later this year.

“The design employs many off-the-shelf components that could be further optimized,” he said. “Future product revisions are sure to make strides in all of these areas.”

Google, which until recently has been very selective about the Explorers Program, uses feedback from early adopters to improve the device.

via Google Opens Glass Sales to Everyone | Fox Business.

Chrome Remote Desktop app – Google Help

Saturday, April 19th, 2014

Chrome Remote Desktop app

Chrome Remote Desktop allows you to set up your computer for secure remote access. This includes setting up your computer so that you can access it later from another machine; or you can also use the app to let a friend remotely access your computer temporarily, perfect for times when you need help solving a computer problem.

Add the Chrome Remote Desktop app to Chrome

Install the Chrome Remote Desktop app on every computer you want to access remotely and every computer you’d like to connect from.

  1. Visit the Chrome Remote Desktop app page in the Chrome Web Store.
  2. Click Add to Chrome to install the app.
  3. When the confirmation dialog appears, click Add.
  4. A new tab will open and the app’s icon Chrome Remote Desktop App will appear in the Apps section of the page.

If you’re using a Chrome device, you can find the app in the apps list.

via Chrome Remote Desktop app – Chrome Help.

Smartphone Thefts Nearly Double in 2013 | PCMag.com

Friday, April 18th, 2014

Some 3.1 million Americans had their phones stolen in 2013, a huge increase from the year before, according to the survey from Consumer Reports. In comparison, around 1.6 million people in the U.S. were the victim of smartphone theft in 2012, meaning the number of victims nearly doubled in a year.

On top of that, people are also losing more phones. Last year, U.S. consumers lost and never reccovered 1.4 million smartphones, up from 1.2 million in 2012.

via Smartphone Thefts Nearly Double in 2013 | News & Opinion | PCMag.com.