Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42870
  • Total Topics: 16079
  • Online Today: 3869
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: pwn2own: all your mobiles are ours. Resistance is futile... :(  (Read 2149 times)

0 Members and 2 Guests are viewing this topic.

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
SOURCE: Dutch article http://webwereld.nl/beveiliging/84480-smartphones-in-30-minuten-gehackt-via-nfc?utm_source=+SIM&utm_medium=email&utm_campaign=20141113-15%3A10%3A02_webwereld_daily_cron&utm_content=&utm_term=_10927

English one about the subject, FROM: http://www.forbes.com/sites/thomasbrewster/2014/11/13/amazon-fire-iphone-nexus-5-samsung-s5-vulnerable-mobile-pwn2own/

Amazon Fire Phone, iPhone, Nexus 5, Samsung S5 All Popped At Mobile Pwn2Own

A slew of the world’s most popular smartphones have been prized open at the Mobile Pwn2Own hacking contest in Tokyo, Japan this week. Hosted by the HP Zero Day Initiative, the competition offered up big cash prizes for those who could successfully show off their exploits and a handful whitehats managed to break security protections on the Amazon Fire Phone, iPhone 5S, LG Nexus 5 and the Samsung S5.

Pro hackers from British firm MWR InfoSecurity walked away with two awards, demonstrating security flaws in both the Samsung Galaxy S5 and Amazon Fire Phone, taking control of the devices via the latter’s web browser and the former’s Near Field Communication (NFC) service. They were handed a total of $125,000. The MWR Labs team said in an email it had also identified additional vulnerabilities and all will be reported to Samsung and Amazon in the coming weeks.

Google Nexus 5
Google Nexus 5

Japan’s Team MBSD also abused NFC in the Samsung, whilst Adam Laurie from the UK’s Aperture Labs carried out an NFC exploit but on the Google-backed LG Nexus 5, forcing the BlueTooth to pair with another phone.

South Korean “competition veterans” lokihardt@ASRT were able to exploit vulnerabilities in the Apple Safari browser and subsequently took control of an iPhone S5. In one case, they were able to escape the Safari sandbox – the software designed to prevent code running in the browser from running in other sections of the phone.

Microsoft will be pleased to hear their Windows Phone OS kept out VUPEN researcher Nico Joly, who couldn’t pop a Lumia 1520 despite getting at the cookie database on the device.

All vulnerabilities were kept under wraps and reported to the relevant vendors. We’ll soon learn who is quickest to patch amongst the world’s biggest phone manufacturers.
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising