Welcome back to our monthly review of some of the most interesting security research publications. [Read More]
by Axelle Apvrille | Nov 02, 2017 | Filed in: Security Research
Insomni'hack's CTF included a couple of mobile challenges I was happy to look into. All could be solved with or without a mobile phone.

iBadMovie part 1

We are given a zip file which contains an iOS application and 'a copy of folders on the device' (iExplorer path):

    39836648 2015-03-07 00:26 iBadMovie.ipa
           0 2015-03-12 15:12 iExplorer/
           0 2015-03-12 15:12 iExplorer/Documents/
           0 2015-03-12 15:12 iExplorer/Library/
           0 2015-03-12 15:12 iExplorer/Library/Caches/...

[Read More]
by Axelle Apvrille | Mar 26, 2015 | Filed in: Security Research
While the Shellshock story is taking the media by storm, and as the reports of exploitation in the wild start to emerge, some questions about the infamous worse-than-Heartbleed bug remain unanswered. "Will there be a Slammer-like worm owning half of the Internet within a few hours?", "Besides Apache, DHCP and SSH, are there other ways to remotely set environment variables?", "Has the NSA known about it for 20 years?", "Are iOS and Android vulnerable?"... While here at FortiGuard Labs, we have our own opinion on all of these questions, the one we... [Read More]
by Guillaume Lovet | Sep 26, 2014 | Filed in: Security Research
[Read More]
by Michael Perna | Aug 23, 2014 | Filed in: Industry Trends
Ransomware is a type of malware that restricts usage of the device it infects, demanding a ransom from the end-user in order to regain control over the device. Now, the malware could actually damage/encrypt the system and the files on it, or it could take the easier way out by merely giving a semblance of having performed these functions. In both cases, though, phone usage becomes difficult for the user. Ransomware threats have been big on mobile phones this year - from the emergence of the first variant targeting iOS devices to the first Android... [Read More]
by Ruchna Nigam | Jun 25, 2014 | Filed in: Security Research
With our FortiGuard Labs reporting that 96.5% of all mobile malware is Android based, it would be easy to see why someone might opt for an iPhone. But, users beware. Don't write off iOS as the secure alternative to Android just yet! Despite Android malware being nearly an epidemic, or as Tim Cook referenced, "a toxic hellstew", iOS is not immune. Before somebody asks me (again) whether there is any iOS malware or not, I decided to consolidate the information for you. Hope this helps you, and keeps your (i-) phones secure :) Name Discovery... [Read More]
by Axelle Apvrille | Jun 09, 2014 | Filed in: Security Research
Earlier this week, reports began to surface of iOS device owners in Asia, Australia and New Zealand being locked out of their iPhones, iPads and iPod Touches. A common thread among the many hit was a message from someone named "Oleg Pliss" demanding a "ransom" in order to unlock the device and make it usable again. In some cases reported, the ransom was payable to a specific PayPal account that was either closed or never existed... further chagrinning those tempted to pay up to get their device back. In other reports, victims were asked to use... [Read More]
by Richard Henderson | May 29, 2014 | Filed in: Industry Trends
Maybe it was something in the water, but the last week of May was indeed a week of extremes--from the biggest threat on record to the tiniest Trojan to an unusual and completely unexpected act of transparency from Apple. Here's what the security landscape looked like for May 29-June 1. Flame Ignites Fire In Security Community: It might be hard to imagine an attack that can outpace unprecedented targeted threats such as Stuxnet and Duqu. But last week, the emergence of the Flame virus on the security landscape put them all to shame. The... [Read More]
by Stefanie Hoffman | Jun 04, 2012 | Filed in: Industry Trends
In the AV industry, one of the golden rules is to make sure that, during analysis, we do not in any way help the malware authors and/or propagate their offspring. This requires special care in the case of malware for mobile phones, because, on the one hand, many of them won't run if the phone is offline, but on the other hand, if the phone is online, the malware is free to call or send SMS messages in the wild without any way to block those actions. So, we thought building our own local GSM operator, using a USRP coupled with a Linux box running... [Read More]
by Axelle Apvrille | Nov 16, 2011 | Filed in: Security Research
Some time ago, a security researcher, Alex Levinson, found out the iPhone was keeping a SQLite database of the iPhone's location (wifi-based location, cell-based or GPS) and some other information. The file, located in /private/var/root/Library/Caches/locationd/consolidated.db, is easily accessible on jailbroken phones (ssh or any file transfer tool) and readable by any SQLite3 tool. This issue has recently re-surfaced as two researchers, Pete Warden and Alasdair Allan, wrote a MacOS tool to generate maps from the locations recorded in that database,... [Read More]
by Axelle Apvrille | Apr 21, 2011 | Filed in: Security Research