View profile

#MobSec5: Week of April 25

Highlights of this week's #MobSec5 include: OpenSSL release scheduled for Tuesday, May 3 will fix sev
April 28 · Issue #6 · View online
NowSecure #MobSec5
Highlights of this week’s #MobSec5 include:
  • OpenSSL release scheduled for Tuesday, May 3 will fix several high severity security flaws.
  • Mobile devices running older versions of Android are the target of drive-by exploits delivered via malicious ads.
  • FBI won’t reveal how they broke into the San Bernardino iPhone because they claim they did not purchase the technical details.
  • However, the agency did disclose its first vulnerability to Apple as part of the White House’s Vulnerability Equities Process on April 14 (though an executive told Reuters that the flaw had been patched nine months ago).

Forthcoming OpenSSL releases | OpenSSL
Active drive-by exploits critical Android bugs, care of Hacking Team | Ars Technica
Exploring Qualcomm's Secure Execution Environment | Bits, Please!
FBI confirms it won't tell Apple how it hacked San Bernardino shooter's iPhone | The Guardian
Apple says FBI gave it first vulnerability tip on April 14 | Reuters
Protecting against unintentional regressions to cleartext traffic in your Android apps | Android Developers Blog
Mobile Malware Competition Rises in Underground Markets | Security Intelligence
Kernel Self Protection Project update |
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here
If you were forwarded this newsletter and you like it, you can subscribe here
Powered by Revue