본문 바로가기

2012

[스크랩] Mobile Threat Report Q4 2012 (모바일 위협 보고서) by F-Secure Mobile Threat Report Q4 2012 Report by F-Secure The Most Mobile Malware Award Goes To … Android According to one antivirus vendors, Android is host to 96 percent of all mobile malware. In a report from F-Secure, there were no new malware families reported for iOS, J2ME, BlackBerry or Windows Mobile at the end of last year, strongly suggesting that malware development has solidly locked on Androi.. 더보기
[일일번역] Guy Fawkes Day start with Hack of 28,000 Paypal Accounts (The Hacker News 2012/11/05) 5th November 2012 was the most exciting day in Cyberspace, yesterday we have report about few major hacks and leaks including Hacking of ImageShack Server , thousands of researchers database leak from Symantec portal, then NBC Sports Rotoworld forums and NBC Mobile site was defaced by pyknic hacker and a claim that user names and passwords for the site had been compromised, Anonymous leaks the V.. 더보기
[CVE-2012-2674] Multiple integer overflows for Android Original release date:07/25/2012Last revised:07/26/2012Source: US-CERT/NIST OverviewMultiple integer overflows in the (1) chk_malloc, (2) leak_malloc, and (3) leak_memalign functions in libc/bionic/malloc_debug_leak.c in Bionic (libc) for Android, when libc.debug.malloc is set, make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large s.. 더보기
[CVE-2012-2646] The Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android Original release date:07/25/2012Last revised:07/25/2012Source: US-CERT/NIST OverviewThe Sleipnir Mobile application before 2.1.0 and Sleipnir Mobile Black Edition application before 2.1.0 for Android do not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application. The Sleipnir Mobile application 2.1.0 이전 버전과 Sleipnir Mobile Bla.. 더보기
[CVE-2012-2808] Weak randomness Android DNS resolver Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Jul 24 2012 12:35PMRoee Hay (roeeh il ibm com) 1 Introduction===========Recently we discovered a very interesting vulnerability in Android's DNS resolver, a weakness in its pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible. 최근 Android의 DNS resolver 에서 매우 흥미있는 취약점을 발견했다.의사난수생성기(PRNG)의 약점이 DNS poisoning 공격을 .. 더보기