View profile

#MobSec5: Week of April 25

Revue
 
Highlights of this week's #MobSec5 include:OpenSSL release scheduled for Tuesday, May 3 will fix seve
 
April 28 · Issue #6 · View online
NowSecure #MobSec5
Highlights of this week’s #MobSec5 include:
  • OpenSSL release scheduled for Tuesday, May 3 will fix several high severity security flaws.
  • Mobile devices running older versions of Android are the target of drive-by exploits delivered via malicious ads.
  • FBI won’t reveal how they broke into the San Bernardino iPhone because they claim they did not purchase the technical details.
  • However, the agency did disclose its first vulnerability to Apple as part of the White House’s Vulnerability Equities Process on April 14 (though an executive told Reuters that the flaw had been patched nine months ago).

Forthcoming OpenSSL releases | OpenSSL
Active drive-by exploits critical Android bugs, care of Hacking Team | Ars Technica
Exploring Qualcomm's Secure Execution Environment | Bits, Please!
FBI confirms it won't tell Apple how it hacked San Bernardino shooter's iPhone | The Guardian
Apple says FBI gave it first vulnerability tip on April 14 | Reuters
Protecting against unintentional regressions to cleartext traffic in your Android apps | Android Developers Blog
Mobile Malware Competition Rises in Underground Markets | Security Intelligence
Kernel Self Protection Project update | Outflux.net
Did you enjoy this issue?
Thumbs up 1ae5a7bdfcd3220e2b376aa0c1607bc5edaba758e5dd83b482d03965219a220b Thumbs down e13779fa29e2935b47488fb8f82977fedcf689a0cc0cc3c19fa3c6bb14d1493b
If you don't want these updates anymore, please unsubscribe here
If you were forwarded this newsletter and you like it, you can subscribe here
Powered by Revue