If you lose your iPhone you better issue a remote wipe ASAP with “Find My iPhone” available in the Apple App Store. Researchers have shown that they can jailbreak and decrypt passwords from the iPhone’s key-chain in about six minutes. If you think you are safe because you have a lock-screen password, think again, this hack by-passes the lock screen protection.
The attack requires possession of the iPhone and targets the handsets individual keychain, the iPhone’s password storage platform. Researchers, utilising existing exploits, are simply able to jailbreak the device, install an SSH server on the device that allows them to run queries and execute third-party software on the phone.
Once access to the phone has been established, researchers were then able to copy a script to the phone that would access the keychain on the device. In-built system functions are employed to open the keychain and then output all of the users passwords, removing the need to physically crack any of the devices protection methods.
In short, if someone gets the hold of your device all you can hope is that you can issue a remote wipe command in time. Otherwise they will get your data if they are persistent enough.
Check this video out to see the hack in action.
This is a list of passwords / applications thought to be safe against this hack.
- AOL Email
- App using keychain with default protection
- Generic IMAP
- Generic SMTP server
- Google Mail
- iOS Backup Password
- Website Account from Safari
- Yahoo Email
This is list of passwords / applications that have been confirmed to be vulnerable to theft.
- Apple Push
- Apple-token.sync (mobile me)
- Google Mail as MS Exchange Account
- Lockdown Daemon
- MS Exchange
- VPN IPsec Shared Secret
- VPN PPP Password
- VPN XAuth Password
- Wifi (Company WPA with LEAP)
- Wifi WPA
Think your identity is safe because you take all the necessary measures to protect yourself? Think again!!
XSS (Cross Site Scripting) vulnerability hits twitter.com.
Twitter’s @safety account tweeted Tuesday morning, “We’ve identified and are patching a XSS attack; as always, please message @safety if you have info regarding such an exploit.”
As of 10:00AM EST twitter issued this statement “This should now be fully patched and is no longer exploitable.”
Mashable estimates that the security flaw “has been widely exploited on thousands of Twitter accounts.” TechCrunch reports the onMouseover exploit may have spread to as many as 40,000 tweets in just 10 minutes.
Have you seen it? How has it affected you? Let us know below.
A Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.3.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart Independent Glyphlets (SING) table in a TTF font.
Here is the exploit code in the PDF that’s circulating in the wild:
A Metasploit module is included in the most recent version. Adobe claims to be working on a fix, lets see how long…
A new vulnerability and Proof Of Concept (PoC) code has been posted to the Full Disclosure mailing list. Chris Evans says:
A nasty vulnerability exists in the latest Internet Explorer 8. I have been unsuccessful in persuading the vendor to issue a fix. The bug permits — for example — an arbitrary web site to force the victim to make tweets.
A harmless example has also been posted on his site (see below)
This bug appears to be strictly related to Internet Explorer and no fault of Twitter. At this time there does not appear to be a resonable workaround. This appears to be a Cross-origin CSS attack which uses the style sheet import to steal confidential information from a victim website, hijacking a user’s existing authenticated session.
Chris continues to state that there is evidence to suggest that Microsoft has been aware of this since at least 2008.
Update: another PoC has been posted:
How long do we have to wait for a fix?
You can protect yourself by using NoScript, RequestPolicy, or other client-side protections.