08/07, 8:00am
10-year old girl uncovers smartphone vulnerability
A ten-year old hacker known as @CyFi has uncovered a zero-day exploit in iOS and Android games. The hack has been verified by independent researchers and has been classed as new vulnerability. The ten-year old girl who hales from California presented her findings at the DefCon 19 convention. She explained that she uncovered the hack in January this year as a workaround for farm-based games that took too long to progress.
more
11/29, 4:45pm
SonicWALL Quicktime issue
Networking security hardware manufacturer SonicWALL recently announced that it has distributed defensive measures to users of it's Unified Threat Management technology, against zero-day vulnerability exploits found in QuickTime. Malicious websites are able to create a stack-based buffer overflow in Apple's media player, by providing a phony movie file that, when activated, executes a series of code that allows a users machine to be taken over. SonicWALL says that the problem lies within the "Content-Type" header field that is sent from the server, which is not properly verified by the client's QuickTime. Once the "Content-Type" field reaches a certain length, a Buffer Overflow condition occurs, and through this, malevolent users can rewrite a user's privileges so that they have read-write access to the machine.
more
