Computer Virus Protection: Take A Look At The Top 10 Free Antivirus Programs Of 2015


The technology expert website, Fossbytes.com, has compiled a list of the top 10 best performing, free antivirus programs for the year 2015.
Although there are good paid antivirus programs, such as Norton or McAfee which protect and arm your computer system from harm, the exorbitant price charged by these companies in exchange makes it difficult for some people to have access.
You need not worry, however, because these free antivirus programs will give you almost the same protection as the paid ones.
1
According to FossBytes, the number one best free antivirus program of the year is Avast Free Antivirus. Avast runs on Windows and almost all Mac OSX versions. It is not difficult to install, it has a heuristics search and ‘on-access’ protection pack. It also has features such as real-time protection of files, email, P2P transfers, web surfing, instant messages and even suspicious behavior are a notch above your average free antivirus software. It has been praised for its performance and light use of system resources and has also proved itself efficient in catching malware as well. Further developments made in the 2015 version to enhance the user interface merit Avast its place on the top of FossBytes’ ranking.
2

Following Avast closely in second position is AVGAVG Antivirus works on Windows XP (or higher) and Mac OSX, Mountain Lion. It is said that the 2015 version has been revamped to provide a better user interface; a cloud-based scanning system and the ability to block infected links besides the usual detection and eradication of viruses. It is also one of the smallest antivirus programs and provides script malware protection.
3

Avira Free Antivirus is raked number three. Avira has Windows XP (or higher), Mac OSX 10.9 (Mavericks) and higher and Android 2.2 support. It has exceptional detection and blocking rates. Its small footprint makes it ideal even for older personal computers. It runs seamlessly fast scans, anti-malware protection, anti-spyware protection, browser protection and cloud-based scanning. However, the interface is too cluttered and the installation and execution process is also quite slow as compared to other free antivirus software.
4...

Fourth on the list is Panda Cloud Antivirus. Panda runs on Windows XP and Android 2.3 or up. It is said that the Panda Cloud Antivirus has taken free antivirus to a whole new level with its cloud-based scanner. It is lightweight and runs off a local cache when the network is unavailable. It offers effective phishing protection and impressive detection rates combined with top-notch rootkit blocking. But it falls behind other free antivirus software due to its inefficiency at eradicating malware from an already infected system.
5

BitDefender Antivirus made it in fifth position. BitDefender functions on Windows XP (or higher) and Android 2.3 (and higher). It provides a real-time shield, active virus control, intrusion detection, rootkit scanning and HTTP scanning. The newly introduced feature of profiles, which adapt the software for particular tasks like watching movies, playing games or general office work, has improved its user-friendliness by a huge margin as compared to the previous versions. Moreover, it even includes online banking protection, a 2-way firewall and a parental control system. However, it has a poor technical support and difficulties in installing on systems that are already infected by malware, causing problems for the average user.
6
The sixth position was taken by MalwareBytes Free Antivirus. MalwareBytes works on Windows XP or higher. It is small, lightweight and does not require signatures. It also shields Java and is one of the most effective software against zero-day attacks that have never been seen before. Users have said that MalwareBytes is still one of the most reliable products when it comes to catching the newest, most cutting-edge threats that other antivirus companies may not have caught yet. The biggest drawback with it is the requirement for pro-active antivirus software that can work alongside it. It just acts as a complement to your regular antivirus program. There is also a major lack of features in the free version as compared to the premium version.
7
Comodo Antivirus made it seventh on the list. The Comodo Antivirus is said to include a full range of detection engines for viruses, rootkits, spyware and other malware. It uses proprietary Defense+ technology thereby guarding your system from all unknown files by treating them as a threat. It also provides on-access/resident protection, cloud-based protection and an automatic sandboxing function. It works on Windows XP or higher; Mac OS X 10.4 or above; Android 2.2 and Up. It weakness is that it asks users for inputs and this may not be suitable for amateur users. The Host Intrusion Prevention System and phishing protection are also a weakness.
8
Qihoo 360 Total Security was ranked eighth. Qihoo 360 works on Windows XP or higher; Mac OS X 10.7 or later including OS X Yosemite; Android 2.2 and up. The Chinese software offers a wide range of comprehensive, effective and user-friendly Internet and mobile security products aiming to protect the user’s computer and mobile devices against malware and malicious websites. It is supported by cloud-based security technology. It has its own checksum-based engine in the cloud-a machine learning QVM engine. It provides a sandbox too through which one can check out for the threats posed by unknown programs.
9
FortiClient Free Antivirus was ranked ninth on the list. FortiClient supports Windows XP or higher; Mac OS X Snow Leopard (10.6) or higher; iOS 5.1 or higher; Android 4.0(ICS) or higher support.FossBytes said FortiClient is an effective and efficient free antivirus which boasts of web filtering, a firewall, network optimization and parental controls. It further said it provides very good phishing detection and even includes a VPN client. It has no per-seat license fees and its on-access /resident protection enables users & guests to work efficiently anywhere, without compromising on their security.
10
Taking the tenth and final position is AdAware Free Antivirus. Adware works on Windows XP or higher and has been said to be a pretty reliable spyware tool. It offers smooth installation, non-intrusive notifications along with detailed custom scanning. The UI of the latest version has been vastly improved
as compared to the previous version. Several features have been incorporated such as sandbox emulation, scheduler and a command line scanner.
These are the best top 10 free antivirus available. You can try any of them. Goodluck!

0 comments:

Learn How To Hack From A Game??



So, you’ve heard of Hacktivism and want to test your mettle? Without risking prolonged imprisonment? Well, step right up and check out Hacknet, a real life hacking simulator. It uses real terminals where you get to input REAL UNIX commands…
Their promotional material has me hooked already:
Dive down a rabbit hoIe as you follow the instructions of a recently deceased hacker, whose death may not have been the accident the media reports. Using old school command prompts and real hacking processes, you’ll solve the mystery with minimal hand-holding and a rich world full of secrets to explore.
Bit, a hacker responsible for creating the most invasive security system on the planet, is dead. When he fails to reconnect to his system for 14 days, his failsafe kicks in, sending instructions in automated emails to a lone user. As that user, it’s up to you to unravel the mystery and ensure that Hacknet-OS doesn’t fall into the wrong hands.
Exploring the volatile nature of personal privacy, the prevalence of corporate greed, and the hidden powers of hackers on the internet, Hacknet delivers a true hacking simulation, while offering a support system that allows total beginners get a grasp of the real-world applications and commands found throughout the game.
Source: Tech Worm

Then watch their promo video:

0 comments:

Anonymous Launches Operation Rage For Sandra



The online hactivists group Anonymous has released a video exposing Texas police over the death of Sandra Bland. The collective feels Sandra Bland was murdered – murdered by the same people that swore to defend and protect the citizens of the United States – and so it calls for National Day of Rage so that “Sandra’s death doesn’t become another hashtag and then a statistic”. They also allege that the police are “using the media to peddle their agenda”.
“The Anonymous collective is enraged at the failed attempt by Waller County PD and the Texas Trooper Association to mask a blatant act of crime against an innocent woman. We, Anonymous, are calling on the citizens of the United States to commit to a day of rage for Sandra Bland and all who have been murdered at the hands of ruthless law enforcement officials who know no honor. Cities around the United States will rise up in unison and call for Sandra Bland’s justice.
“We, not as Anonymous but as citizens of the United States, are tired of the cycle of murders and coverups made by police departments across the nation. We demand that each police chief at each protesting city to come out to the crowds and renew their pledge to protect the people they serve. We also demand the immediate arrest of Brian Encinia and the resignation of both Waller County’s District Attorney and the Waller County’s Sheriff. If you do not take Brian Encinia into custody, we will come after all of you. All your secrets will be leaked. You will all be vulnerable. We all know where you live. This is for Sandra Bland. No mercy for murderers. Operation Rage for Sandra, engaged,” they warn.

The Texas Department of Public Safety had earlier released a 52-minute dashboard camera videoof the traffic stop. The video shows Encinia asking Sandra to put out her cigarette, when she refuses he pulls out his Taser and asks her to get out of the car. The confrontation then gets physical with Sandra claiming she has had her head bashed into the ground. She died in police custody three days after being arrested.



0 comments:

Stagefright Attack : It takes only a single text message to hack an Android Smartphone

Stagefright attack, the Mother of all Android Vulnerabilities puts 950 million smartphones at risk

Over 95 percent of Android smartphones in circulation or roughly 950 million smartphones may be vulnerable to a unique but critical hack attack called Stagefright.
Joshua Drake from Zimperium Mobile Security discovered six + one critical vulnerabilities in the native media playback engine called  Stagefright. He calls this weaknesses ‘Mother of all Android Vulnerabilities’.
Drake said that the vulnerabilities can be exploited by sending a single multimedia text message to an unpatched Android smartphone. While the exploit is deadly, in some cases, where phones parse the attack code prior to the message being opened, the exploits are silent and the user would have little chance of defending their data.
Stagefright is a native media playback tool used by Android and all these weaknesses reside in it. Drake states that they are all “remote code execution” bugs, allowing malicious hackers to infiltrate devices and exfiltrate private data.
Stagefright attack, the Mother of all Android Vulnerabilities puts 950 million smartphones at risk from remote execution
The following design chart explains the working of Stagefright
According to Drake, all that the potential hacker needs to do is to send out the exploits to the would be mobile phone numbers. From there, they could send an exploit packaged in a Stagefright multimedia message (MMS), which would let them write code to the device and steal data from sections of the phone that can be reached with Stagefright’s permissions.
Once the vulnerability is exploited, the hackers can access almost anything including recording of audio and video, snooping on photos stored in SD cards. Even the humble Bluetooth radio can also be hacked via Stagefright.
Depending on the MMS application in use, the victim might never know they had even received a message.
The vulnerabilities are so critical that sending an exploit code to to the victim’s Google Hangouts would “instantaneously trigger the exploit even before the user can even look at the smartphone or before you even get the notification”.
Another interesting aspect of the exploit is that once the it has been delivered, the hacker can delete the message before the user had been alerted about it, making attacks completely silent.
Drake will give the full disclosure along with Proof of Concept at Def Con on 6th August. He stated to Forbes that he had reported about the bugs in April this year and Google has sent out the patches to its smartphone manufacturing partners.
Drake stated that a total of seven vulnerabilities had been sent to Google by 9th April, 2015 and Google had reported back to him that it had scheduled patches on May 8th 2015.  Further, Google assured Drake that all future Android versions will be released pre-patched against these vulnerabilities.
However as is the case with any Android smartphone update, the smartphone manufacturers rarely pass on the patches to the end users of the smartphone. Particularly the smaller manufacturers who make localised Android smartphones. As such, it can safely be assumed that almost 950 million Android smartphones and tablets in circulation may be exploitable using the Stagefright vulnerability.
“All devices should be assumed to be vulnerable,” Drake told Forbes. Drake says that only Android phones below version 2.2 are not affected by this particular vulnerability.
“I’ve done a lot of testing on an Ice Cream Sandwich Galaxy Nexus… where the default MMS is the messaging application Messenger. That one does not trigger automatically but if you look at the MMS, it triggers, you don’t have to try to play the media or anything, you just have to look at it,” Drake added.
In an emailed statement sent to Forbes, Google thanked Drake for reporting the issues and supplying patches, noting its manufacturer partners should deploy in the coming weeks and months.
“Most Android devices, including all newer devices, have multiple technologies that are designed to make exploitation more difficult. Android devices also include an application sandbox designed to protect user data and other applications on the device,” a spokesperson said.

0 comments:

Researchers use a basic cell phone to hack air-gapped computers


Researchers from Ben Gurion University Hack air-gapped computer using a basic phone with radio signals

Air-gapped computers are considered the safest option from hack attacks because they are not connected to the Internet or the outside world. Most companies including defence departments and NASA use air-gapped computer to store their most confidential data. Researchers from Israel’s Ben Gurion University have devised a new method for exfiltrating data from such air-gapped computers by bypassing all protections.
All they needed was a working GSM network in the room where the air-gapped computer is present, electromagnetic waves and a basic low-end mobile phone. The researchers from  Cyber Security Research Center at Ben-Gurion University of the Negev have demonstrated their hacking skills through a video given below and said that it serves as a warning to defense companies and others that they need to immediately “change their security guidelines and prohibit employees and visitors from bringing devices capable of intercepting RF signals.”

The Attack

The attack requires both the targeted computer and the mobile phone to have malware installed on them. Once the malware has been installed on the targeted computer, the attack exploits the natural capabilities of each device to exfiltrate data using electromagnetic radiation.
All electronic gadgets including computers emit electromagnetic radiation of varying degrees during their normal operation. The researchers said that the basic cell phone has been designed in such a way to receive such signals. They combined these two factors and were able to exfiltrate data without triggering any protection alarms.
Earlier researchers were able to hack a air-gapped computer using radio signals generated by a computer’s video card that get picked up by the FM radio receiver in a smartphone. This attack PoC build on that but goes a step further because it can be used in environments where smartphones are prevented as it uses a basic feature phone as an attack vector.
“[U]nlike some other recent work in this field, [this attack]exploits components that are virtually guaranteed to be present on any desktop/server computer and cellular phone,” the researchers noted in theirpaper (registration required).
The researchers admit that this attack permits only a small amount of data using a feature phone, however they say it is enough to exfiltrate passwords or even encryption keys. The exploit is also a serious issue because it can be performed without the attacker being in the same room as the air-gapped computer. The researchers found they could also extract much more data from greater distances using a dedicated receiver positioned up to 30 meters away. This means someone using the above technique could wirelessly exfiltrate data through walls from a parking lot or another building.

Mitigation

The researchers noted that the only way to mitigate such attack is to impose a complete ban on all kinds of cell phones in the area of the air-gapped computer. Further the companies could strengthen the working environment with insulated walls or partitions.

Credits

The research was conducted by lead researcher Mordechai Guri, along with Assaf Kachlon, Ofer Hasson, Gabi Kedma, Yisroel Mirsky, and Elovici. Guri said that they will present their findings next month at the Usenix Security Symposium in Washington, DC.

0 comments:

Hackers can take over Steam gamers accounts for 2 weeks with a simple trick



Steam can be hacked by using just username due a security hole (VIDEO)

Popular digital distribution service, Steam had an critical bug which allowed hackers to hack into gamers account for two weeks. For the past week many Steam users have complained that their accounts were being accessed and manipulated from other PCs.
Steam is an Internet-based digital distribution platform developed by Valve Corporation offering digital rights management (DRM), multiplayer, and social networking. Steam provides the user with installation and automatic updating of games on multiple computers, and community features such as friends lists and groups, cloud saving, and in-game voice and chat functionality. It is highly popular among gamers around the world.
The hack attack was fairly simple and anybody who Steam gamers user name could exploit the bug. Elm Hoe, a Steam gamer and YouTuber, help spread word of the breach on July 25 when he posted a video which is given below :

Once the hacker knew the Steam gamers account name, they simply had to visit Steam’s Lost Password page, enter the targeted account and simply click Continue when asked to enter their email verification.
Steam took its services offline on 26 July while Valve, which owns Steam, worked on the issue. Right now the security hole appears to have been fixed but Valve has not issued any comment on the bug or how it was fixed. One report from a Steam user suggested that attackers may have been able to bypass Steam Guard without hacking an e-mail account however the same has not been confirmed either by Valve or Steam.

0 comments:

This Website Will Steal Your Photos and Then Hack Your Computer



WallPart (The Poster Shop) sells stolen images online without the owner’s consent

The website WallPart (also referred to as The Poster Shop) claims to be “the world’s largest online shop of posters…with over 10 billion images.” However, the one thing that the website does not reveal is that their database is filled with copyrighted and stolen images from photographers around the world. To make things worse, in what might be the most heinous hacking scam of all time, the Poster Shop may be actually using these images to spam photographers who use their copyright take down form.
Patrick Hall, founder of Fstopper.com said that a few months ago, he discovered that the poster printing website had put many of his friends wedding photographs up for sale without their consent. To handle this situation, the suggested course of action would have been to instantly get in touch with the website and insist that they remove their photos from the WallPart database or else legal action would be taken.
According to the tumblr Peter and Company, the real business WallPart does not have anything to do with the selling of the prints at all. In reality, WallPart does not go to photographers’ websites and steal photos to sell on their store page. They instead just simply pull images from Google Images and display them as promising art work one can have printed on their own wall art or poster.
If one has to search for his name, image or brand through their search box (which is not recommended), one would be sure to find one of their own images in their database. Several of these images are advertisements, pngs, and banners that were never meant to be printed in the first place. In addition, every image that is displayed on their search results page consists of the exact same title and description found through Google’s search function.
For instance, below are the few searches done by Patrick a Hall of Fstoppers:
WallPart (The Poster Shop) sells stolen images online without the owner's consent
WallPart (The Poster Shop) sells stolen images online without the owner's consent
WallPart (The Poster Shop) sells stolen images online without the owner's consent
It looks like that the main intention of this website is not to sell prints at all, as there is no evidence that actual sales are taking place. This website instead looks for photographers who have featured on WallPart’s website, says Peter and Company reports.
It is a behavioral condition found in photographers when they behave irrationally on finding their images being used without their permission. If and when a photographer does catches their work on the website, they are without a doubt going to issue a cease and desist through WallPart’s DMCA/Copyright link at the bottom of the page. This link that is at the bottom of the page is surprisingly the only one of the only clickable links on the entire page, which is not compatible with most legal e-commerce sites. The entire purpose of the Poster Shop’s website is this contact form. The contact form is a hacking platform that is used to spam the user and possibly affect their computer with malware or other offensive spyware and adware.
Most of the search results, functionality, and contact forms have changed throughout the website’s existence. One day, you search for your name and find stolen images, only to find that 24 hours later the results page are completely empty. There are clear indications that the site was never meant to run as a business and the functionality of it as a whole is pretty divided. Currently hosted in Russia, the site is known to change hosting domains in the past after being removed by tech savvy visitors.
It is very disheartening to know that there are companies and websites out there like WallPart that are targeting photographers who are just trying to protect and maintain the copyright on their own creations. In today’s world, one can be sure as to what personal data is being sent to a company in general or where an email or contact form is actually being sent to. The website Change.org has started a petition with over 50,000 supporters to ouster WallPart; however, there is no news on whether the site will actually be banned forever.
To keep it simple, Patrick says DO NOT VISIT THE SITE like The Poster Shop or other similar sites and DO NOT FILL OUT ANY COPYRIGHT VIOLATION OR DMCA FORMS.

0 comments:

Researcher hacks Brinks ultrasafe ‘Safe’ using USB and 100 lines of code



Brink’s safe called CompuSafe Galileo can be hacked using 100 lines of macro code delivered through a USB stick

Researchers from security company, Bishop Fox have managed to hack the ultra modern Brink’s ’ CompuSafe Galileo using just an USB device and 100 lines of code. The two researchers from Bishop Fox, Daniel Petro and Oscar Salazar will be demonstrating their Proof of Concept at the DefCon 2015 which will start in the first week of August 2015 in Las Vegas.
Brinks’ CompuSafe Galileo is a highly sophisticated and modernized safe that is marketed by Brinks as a easy cash management option.  Brinks claims the CompuSafe helps stores eliminate deposit discrepancies, reduce theft and free staff from recounting and auditing cash. However Petro and Salazar took a special liking to this particular safe and started testing it for vulnerabilities. After a year of research, the duo uncovered a slew of vulnerabilities and design flaws that could easily be exploited by cyber criminals.
The researchers said that all off the 14000 CompuSafe Galileos sold by Brinks in the United States are vulnerable to this attack.
Petro and Salazar said that that work of finding the vulnerability in the Safe was made easier by the fact that the CompuSafe Galileo has a functional USB port on the one of its sides. That allowed them to plug in a keyboard and a mouse, which worked.
“Nothing good comes from that,” Salazar said. It was a sign of more bad things to come. “Every step of the way, we were like, ‘This can’t be possible’,” Petro said.
Once they used the USB port as a input device they were able to bypass the CompuSafe’s authentication screen using a method known as a kiosk-bypass attack. They made use of the 9inch display on the Compusafe and using the application’s help menu, gained access to the backend Windows XP embedded operating system.
Brink's safe called CompuSafe Galileo can be hacked using 100 lines of macro code delivered through a USB stick
Once they had access to the backend, they were able to gain administrative access to the Microsoft Access database file.
Apparently the Microsoft Access database file is used by CompuSafe to save log files, and other critical information like how much money is kept in the safe, user accounts on the system, when the door has been opened and other log files.
“By just editing that file, you can make the safe do anything you want,” Salazar said. They were even able to open the safe’s doors by editing one of the database files.
Salazar said that if cyber criminals had access to their exploit, they could also perform much more sophisticated frauds using the database file that would be hard for safe owners (mostly banks) or Brinks to discover.
To demonstrate the sophistication of the attack, Salazar said, if the machine has US$2,000 in it but the database is modified to only report $1,000, no one would even notice the difference unless there is a physical audit of the cash every day.
“You could very easily make the safe lie about the cash total it has,” he said. “It would be very difficult to track that theft down because the bank would receive exactly how much money it thinks it should be getting.”
The researchers duo said that the exploit code is 100 lines of simple macro code which contains instructions for a certain sequence of mouse and keyboard strokes that crack the CompuSafe and can be supplied using a USB stick.
Bishop Fox had contacted the Brinks security team a year back but they have not yet patched the vulnerability. To compound the problem, the software is apparently made by a third party provider called FireKing Security Group.
Petro and Salazar said that while they will demo the PoC at the DefCon, they wont be reveal the full attack code due to legal issues.  “After the presentation, it will be fairly apparent to anybody who has a little bit of time how you could write your own code,” Petro said.

0 comments:

Critical vulnerability in Apple App Store and iTunes could impact millions of Apple users



Security researcher discovers critical persistent injection vulnerability in Apple App Store and iTunes

A security research from Vulnerability Lab has discovered a critical flaw in Apple’s App Store and iTunes invoice system which could result in session hijacking and malicious invoice manipulation leaving millions of Apple users at risk.
Security researcher Benjamin Kunz Mejri from Vulnerability Lab revealed the persistent injection flaw on his website and said that the vulnerability allows remote attackers to inject malicious script codes into flawed content function and service modules.  The vulnerability has been deemed critical and assigned CVSS 5.8 severity rating.  It is basically a Application-Side input validation web vulnerability that actually resides in the Apple App Store invoice module and is remotely exploitable by both sender as well as the receiver.
According to Mejri, an attacker can exploit the flaw by manipulating a name value (device cell name) within the invoice module through an exchange of malicious specially scripted code. If a product is purchased in Apple’s stores, the backend takes the device value and encodes it with manipulated conditions in order to generate an invoice before sending it on to the seller.  This results in an Application-side script code execution in the invoice of Apple.
Mejri said that the remote hackers can manipulate the vulnerability through persistent manipulated context to other Apple store user accounts, whether they are senders or receives. Mejri states on his blog :
“The invoice is present to both parties (buyer & seller) which demonstrates a significant risk to buyers, sellers or apple website managers/developers.The issue impact also the risk that a buyer can be the seller by usage of the same name to compromise the store online service integrity.”
The exploit can be used to hijack user sessions, launch persistent phishing attacks, create persistent redirects to external sources and manipulate affected or connected service modules.

Proof of Concept :

(Your Invoice by Apple)

<tbody><tr style="background-color: rgb(245,245,245);" class="section-header" height="24">
          <td colspan="2" style="width:350px;padding-left:10px;border-top-left-radius:3px;border-bottom-left-radius:3px;" width="350"><span style="font-size:14px;font-weight:500;">App Store</span></td>
          <td style="width:100px;padding-left:20px;" width="100"><span style="color:rgb(153,153,153);font-size:10px;position:relative;top:1;">TYP</span></td>
          <td style="width:120px;padding-left:20px;" width="120"><span style="color:rgb(153,153,153);font-size:10px;position:relative;top:1;">GEKAUFT BEI</span></td>
          <td style="width:100px;padding-right: 20px;position:relative;top:1;border-top-right-radius:3px;border-bottom-right-radius:3px;" width="90" align="right"><span style="color:rgb(153,153,153);font-size:10px;white-

space:nowrap;">PREIS</span></td>
        </tr>

<tr height="90">
<td class="artwork-cell" style="padding:0 0 0 20px;margin:0;height:60px;width:60px;" width="60" align="center">
            <img src="http://a258.phobos.apple.com/us/r30/Purple7/v4/9d/2b/2d/9d2b2d60-5433-a45e-02fe-12c0f14a1b7b/icon134x134.png" alt="DuckTales: Remastered" style="border:none;padding:0;margin:0;-ms-interpolation-mode: 

bicubic;border-radius:14px;border:1px solid rgba(128,128,128,0.2);" border="0" height="60" width="60">
          </td>
                    <td style="padding:0 0 0 20px;width:260px;line-height:15px;" class="item-cell" width="260">
            <span class="title" style="font-weight:600;">DuckTales: Remastered</span><br>
            <span class="artist" style="color:rgb(153,153,153);">Disney</span><br>                        <span class="item-links" style="font-size:10px;">
                <a href="https://userpub.itunes.apple.com/WebObjects/MZUserPublishing.woa/wa/addUserReview?cc=de&id=925209077&mt=8&o=i&type=App" style="color:#0073ff;">Eine Rezension schreiben</a> | <a 

href="https://buy.itunes.apple.com/WebObjects/MZFinance.woa/wa/reportAProblem?a=925209077&cc=de&d=1666419925&o=i&p=91003564004457&pli=91006585722774" style="color:#0073ff;">Problem melden</a>            </span>
          </td>
          <td class="type-cell" style="padding:0 0 0 20px;width:100px;" width="100">
<span style="color:rgb(153,153,153)">App</span></td>
<td class="device-cell" style="padding:0 0 0 20px;width:120px;" width="120">
<span style="color:rgb(153,153,153);">[PERSISTENT INJECTED SCRIPT CODE VULNERABILITY!]bkm337"><img src="x">%20<iframe src="a">%20<iframe></span></td>
          <td width="90" class="price-cell" align="right" style="padding:0 20px 0 0;width:100px;"><span style="font-weight:600;white-space:nowrap;">9,99 €</span></td>
        </tr>

Note: We used the ducktales remake app to approve the zero-day remote vulnerability in the itunes and appstore without malicious perpose!
A video showing a proof-of-concept (PoC) demo is shown below with step by step.

Mejri notified the Apple about the vulnerability on 8th June and has not revealed the date on which the exploit has been patched by Apple . The disclosure timeline is below.
  • 2015-06-08: Researcher Notification & Coordination (Benjamin Kunz Mejri)
  • 2015-06-09: Vendor Notification (Apple Product Security Team)
  • 2015-**-**: Vendor Response/Feedback (Apple Product Security Team)
  • 2015-**-**: Vendor Fix/Patch Notification (Apple Developer Team)
  • 2015-07-27: Public Disclosure (Vulnerability Laboratory)
Apple has not yet commented on the issue.

0 comments: