iOS

Pierluigi Paganini August 26, 2017
Cisco IOS vulnerabilities open Rockwell Industrial Switches to attacks

Vulnerabilities in Cisco IOS expose Rockwell Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches to remote attacks. Some models of the Allen-Bradley Stratix and ArmorStratix industrial Ethernet switches are exposed to remote attacks due to security flaws in Cisco’s IOS software. According to the security alert issued by ICS-CERT, an authenticated remote attacker can exploit the flaws to […]

Pierluigi Paganini July 15, 2017
CISCO issues security patches for nine serious RCEs in SNMP subsystem in IOS and IOS XE

Cisco has fixed nine serious remote code execution flaws in the SNMP subsystem running in all the releases of IOS and IOS XE software. The tech giant publicly disclosed the vulnerability on June 29 and provided workarounds, not it is notifying customers about the availability of security patches. The nine issues, that have been tracked with […]

Pierluigi Paganini June 30, 2017
Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices

Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing. Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while conducting internal testing. “The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS […]

Pierluigi Paganini March 12, 2017
Flaws in MAC address randomization implemented by vendors allow mobile tracking

Researchers devised a new attack method that can be leveraged to track mobile devices that rely on MAC address randomization mechanism. The MAC address is a unique and an hardcoded identifier assigned to a device’s network interface. This characteristic makes it an excellent tool for the tracking of the devices. A group of researchers from the U.S. Naval […]

Pierluigi Paganini February 07, 2017
76 Popular iOS apps are vulnerable to man-in-the-middle (MITM) attacks

A study conducted on iOS mobile apps revealed that many of them are affected by security vulnerabilities that expose users to man-in-the-middle (MitM) attacks. A new study confirms that dozens of iOS apps are affected by vulnerabilities that could be exploited by hackers to run man-in-the-middle (MitM) and intercept data from connections even if protected by TLS. […]

Pierluigi Paganini January 01, 2017
A new iPhone bug will crash the Messages app with a single text

A researcher discovered that a single text message could be exploited to crash the Messages app by MMS on iOS due to a recently discovered bug A single text message could be exploited to disable the Messages app on any iPhone due to a recently discovered bug. The bug flaw makes the Apple Message app inoperable, making it […]

Pierluigi Paganini September 02, 2016
Apple issued fixes for Pegasus spyware bugs in OS X, Safari. Apply it now!

Apple issued security fixes for Mac OS X and Safari to patch zero-day flaws exploited by Pegasus spyware to spy on mobile users. A few days ago, we reported a detailed analysis of the Trident exploit that triggers three vulnerabilities in order to remotely hack Apple mobile devices through the installation of the Pegasus spyware. The […]

Pierluigi Paganini August 31, 2016
iOS 9.3.4 and minor versions are vulnerable to the Trident Exploit

Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers linked it to the NSO group. Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers say it’s belonging to an exploit infrastructure connected to the NSO […]

Pierluigi Paganini August 26, 2016
Apple fixed Zero-Days flaws exploited by nation-state spyware

Apple issued emergency iOS updates to patch three Zero-Days exploited by a government spyware in an high-sophisticated attack. Apple has released the iOS 9.3.5 update for its mobile devices (iPhones and iPads). The security updates address three zero-day vulnerabilities exploited by nation-state actors to spy on activists. Security experts have spotted a strain of spyware targeting […]

Pierluigi Paganini July 20, 2016
Hacking Apple devices with just a Message exploiting the CVE-2016-4631

This critical flaw CVE-2016-4631 resides in the ImageIO and could be exploited by a remote attacker to steal sensitive information from Apple devices. Apple fans, I have a bad news for you, just one specially-crafted message can expose your personal information, including your authentication credentials stored in the memory of your Apple device. This means […]