Mobile Security Weekly – Pain-gu? How dangerous is the new iOS jailbreak?

 
This week’s edition poses questions about the future of both mobile and mobile security. Google’s I/O conference always serves as a glimpse into the future of all aspects of mobile - and it’s good to see security as one of those aspects this year. The release of a new iOS jailbreak raises the question of whether this is the last version that can and will be jailbroken. Finally, a massive security loophole in a popular new app provides a worrying outlook on the future of mobile apps. There’s a new jailbreak for iOS 7.1 - and it presents a major leap in attackers’ capabilities. Named Pangu, it ...

Pangu: An iOS 7.1 Jailbreaking Tool – a Major Leap in Attacker’s Capabilities

 
Lacoon released details around the security implications of Pangu, a new attack that uses an Apple enterprise certificate to jailbreak and potentially gain control of iOS devices. Use of enterprise certificates is an emerging attack vector that Lacoon has been exploring for some time, but this is the first time that this practice has actually been used as part of a jailbreak. The jailbreaking tool, named Pangu, for Apple-based mobile devices running iOS 7.1-7.1.x was released yesterday on June 24, 2014. Pangu should concern us - the security community, enterprises, and consumers alike. Pangu represents a major technology leap, ultimately lowering the barrier ...

Mobile Security Weekly – Paranoid Android?

 
This week started out well for Android. There’s quite a bit of hype surrounding the 2014 Google I/O conference at the end of June. Sadly, things didn’t progress in the same direction: for the first time, Android devices sold in Europe & the US have been found to have factory-installed malware. Furthermore, a powerful new vulnerability named TowelRoot has been discovered. For our in-depth post on TowelRoot and its implications, click here. A new Android vulnerability named TowelRoot could lead to attacks on Android devices. TowelRoot, named in reference to a recently ...

Follow Up on “TowelRoot” Vulnerability

 
Following our latest blog post on “TowelRoot”, the rooting tool which exploits CVE-2014-3153 to root Android devices, we received quite a few questions. Due to readers’ concerns, we thought it would benefit the security community to publish some of the more pertinent questions. If you have any more follow-up questions, feel free to send them to contact@lacoon.com. We’ll continue to update this page as inquiries continue to roll in. Q: From a technical standpoint, what is the security implication of TowelRoot? A: Once an attacker runs TowelRoot on the device, all the built-in security mechanisms developed by Google, including ...

“TowelRoot” Gives Root Access to Samsung Galaxy S5 and other Popular Android Mobile Devices

 
A new vulnerability, codenamed TowelRoot, was recently released for the Linux kernel (CVE-2014-3153) through version 3.14.5, and it has affected Android 4.4 mobile devices. This vulnerability is extremely prevalent and exists on almost every popular Android device on the market, including the very popular Samsung Galaxy S5. This security vulnerability, when exploited, can allow any app to escalate its privileges to root (administrator) privileges. This would allow an attacker to bypass the Android security model and: Run malicious code under administrator privileges; Retrieve various files and ...

Heartbleed: A Look Into the new Threat on the Block

 
What is Heartbleed and how does it work? Earlier this month, the security teams at Codenomicon and Google Security discovered the critical security bug known as Heartbleed (CVE-2014-0160). This vulnerability has been found in versions 1.0.1 through 1.0.1f of the widely used OpenSSL cryptographic software, providing an easy path for attackers to access very sensitive information from popular websites and applications on the internet, including Yahoo!, Google, Gmail, Yahoo! Mail, Instagram, Pinterest, Netflix and many more. It is important to note that in addition to everyday websites and internet applications, Heartbleed also affects internal enterprise web server platforms and any ...

Mobile Security Weekly – New tech = Friend or Foe?

 
This week’s update focuses on the technological advancement dilemma: simplicity vs. security. With some of their new updates, both Google and Apple seem to be voting firmly in one direction - and it doesn’t seem to be security. We can’t possibly ignore the FIFA World Cup that kicked off in Brazil on Thursday. We’ve tried to provide a few security tips that might help users who are planning to travel to Brazil to take part in the festivities. iOS 8 and OS X Yosemite were announced this week. iOS 8 definitely brings a new openness to Apple’s mobile operating system. The company's press release said it's ...

Mobile Security Weekly – Cupid is here, but he’s not spreading love.

 
Only two items this week, but both discuss attacks that may be capable of causing quite a bit of havoc in the near future. One reminds us that the biggest mobile security of 2014 hasn’t yet finished while the other poses questions about things to come. Just when you thought the Heartbleed Bug threat was over, it rears its ugly head again. Less than two months since the OpenSSL vulnerability was first exposed, exploiting it just became quite a bit simpler, especially against mobile devices. According to researchers in Portugal, the new attack method, named Cupid, exploits a vulnerability in OpenSSL the same way as Heartbleed - the same ...

Customer Advisory – a slice of humble “Pie” for Android

 
Important research that exposes an exploitable vulnerability in Android 4.2.2 affects a wide range of devices. Currently nicknamed “Pie”, this vulnerability has been gracing the pages of several forums over the past few days. Attackers exploiting this vulnerability can acquire root privileges to many Android-based mobile phones. What’s the bottom line? Under certain circumstances, an attacker exploiting the vulnerability can acquire root permissions to the victim’s device. This means the attacker could then: Run malicious code under administrator privileges; Retrieve various files ...