Foto 0 en Security flaw allows calls (and more) from a locked iPhone running iOS 4.1: Paste this image in your site, Myspace, Facebook, Ebay copy this code...
Blog 9to5Mac has picked up on an interesting bug in iOS 4.1, running on the iPhone, that will allow users to bypass the device’s lock screen and make phone calls. From a locked iPhone pressing the “Emergency Call” button, dialing a non-emergency number (such as “###”), then quickly pressing “Send” followed by the iPhone’s lock key will actually force the device into the “Phone” application. From there you can access favorites, contacts, the dial pad, recent calls, and voicemails. The “home” button remains inactive throughout the process, preventing users from jumping to the home screen, however… going to the “contacts” tab, selecting a contact, and clicking “Email” or “Share contact” will allow a bypasser to send emails and MMS messages.
The issue is reminiscent of a bug in Motorola’s BLUR interface that allows users to make calls using voice actions from a locked screen we told you about last week. We’ve passed the information on to Apple and, hopefully, a fix is included in the next software update. We have a short video demonstrating the bug after the break.
Blog 9to5Mac has picked up on an interesting bug in iOS 4.1, running on the iPhone, that will allow users to bypass the device’s lock screen and make phone calls. From a locked iPhone pressing the “Emergency Call” button, dialing… [..] Read complete article
Published 25-Oct-2010 by Andrew Munchbach in SecurityiOSAppleBypasscallsDialerFavoritesflawhackiPhonelockphoneRecentScreenVoicemails Read 12 times. More hits in
Citigroup confirmed publicly that its Citi Mobile iPhone application has a major security flaw. The Citi Mobile application is used by Citibank customers to manage their bank accounts from their iPhone or iPod Touch. The application reportedly stored sensitive information — including account numbers,… [..] Read complete article
Published 27-Jul-2010 by Kelly Hodgkins in iOSiPhone OS / iPod OSaccountCheckingCiti MobileCitibankprivacySecurity Read 17 times. More hits in
BGR has uncovered a major security flaw on AT&T’s version of the Samsung Galaxy S II that renders Android’s security lock feature completely useless. Using a simple workaround, the security hole allows anyone to bypass the unlock pattern, which normally denies users access to an Android device unless a preset pattern is drawn on a grid of nine dots spread across the device’s [..] Read complete article
Published 30-Sep-2011 by Jonathan S. Geller in Read 13 times. More hits in
Just a quick follow up to an article we posted last week. It looks like Apple’s iOS 4.2 gold master candidate, which was pushed out to developers last night, closes the security loop hole that allowed the iPhone’s lock screen to be bypassed from the “Emergency Call” function. We’ve been trying, unsuccessful, to replicate the issue with the latest iOS pre-release. If y [..] Read complete article
Published 02-Nov-2010 by Andrew Munchbach in MobileSoftware4.14.2AccessApplebugBypassflawGMgoldiOSMasterSecurity Read 11 times. More hits in
If you are a Mac user, and fancy Safari as your default internet browser, you are going to want to pay attention to this one. A bug found in Safari’s AutoFill feature can allow a malicious website to gather personal information from a… [..] Read complete article
Published 22-Jul-2010 by Kelly Hodgkins in AppleSecuritybrowsersExploitflawSafari Read 26 times. More hits in
Security blog Defense in Depth has found a glaring security flaw in OS X Lion that enables hackers to change the password of any user on a machine running Lion. “[While] non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data,” Patrick Dunstan from Defense in Depth explained in a recent blog post. [..] Read complete article
Published 19-Sep-2011 by Todd Haselton in SecuritySoftwareflawhackerlionlocalos xpasswordprivacyuser Read 4 times. More hits in
A report was recently published by Android Police that suggests HTC’s Sense user interface has several major security flaws that provide HTC with access to SMS data, phone numbers, system logs, location information and much more. Worse, the flaw could potentially allow any third-party application to access the same private information without having permission from the user to do so. The sec [..] Read complete article
Published 04-Oct-2011 by Todd Haselton in MobileSecurityEVO 3DEVO 4GflawhackHTCissueSensationSenseThunderboltUI Read 4 times. More hits in
A recent rumor of a Gmail security vulnerability that reportedly led to people having their domains hijacked was proven to be false on Wednesday. The rumor claims that a flaw in Gmail allowed unauthorized users to access a user’s Gmail account and create a forwarding filter without their knowledge; effectively stealing all incoming email. The [...] [..] Read complete article
Published 29-Nov-2008 by Kelly Hodgkins in NewsServicesflawgmailgooglephishingscamsecurityvulnerability Read 18 times. More hits in
All GSM phones, such as those that run on T-Mobile and AT&T in the United States, are vulnerable to a major security flaw that could allow hackers to send text messages or place phone calls remotely using a new security flaw, one hacker said recently. Speaking to Reuters ahead of a hacking convention in Berlin, Karsten Nohl, the head of Germany’s Security Research Labs, said the attack c [..] Read complete article
Published 27-Dec-2011 by Todd Haselton in MobileSecurityflawGSMhackerNohlprivacySecurity Research Labs Read 9 times. More hits in
A group of security researchers uncovered a security flaw in the web browser portion of Android that runs on the G1. According to researcher, Charles A. Miller the flaw could be exploited when a G1 user is tricked into visiting a malicious Web site. Malicious code on the website could then use this exploit to [...] [..] Read complete article
Published 25-Oct-2008 by Kelly Hodgkins in AndroidHTCT-Mobilesecurity flaw Read 31 times. More hits in
Warning We are not responsible of information posted from external feeds. Use this website at your own risk.
Notice: We will not be liable for any direct or indirect loss or damage arising under this disclaimer or in connection with our website, whether arising in tort, contract, or otherwise.
Hello, Guest
Online: 128 visitors
By Andrew Munchbach
Citigroup confirmed publicly that its Citi Mobile iPhone application has a major security flaw. The Citi Mobile application is used by Citibank customers to manage their bank accounts from their iPhone or iPod Touch. The application reportedly stored sensitive information — including account numbers,… [..] ![Image 0 en - Major security flaw lets anyone bypass AT&T Samsung Galaxy S II security [updated]](http://www-bgr-com.vimg.net/wp-content/uploads/2011/09/bgr-att-samsung-galaxy-s-ii.jpg)
BGR has uncovered a major security flaw on AT&T’s version of the Samsung Galaxy S II that renders Android’s security lock feature completely useless. Using a simple workaround, the security hole allows anyone to bypass the unlock pattern, which normally denies users access to an Android device unless a preset pattern is drawn on a grid of nine dots spread across the device’s [..] 
Just a quick follow up to an article we posted last week. It looks like Apple’s iOS 4.2 gold master candidate, which was pushed out to developers last night, closes the security loop hole that allowed the iPhone’s lock screen to be bypassed from the “Emergency Call” function. We’ve been trying, unsuccessful, to replicate the issue with the latest iOS pre-release. If y [..] 
If you are a Mac user, and fancy Safari as your default internet browser, you are going to want to pay attention to this one. A bug found in Safari’s AutoFill feature can allow a malicious website to gather personal information from a… [..] 
A group of security researchers uncovered a security flaw in the web browser portion of Android that runs on the G1. According to researcher, Charles A. Miller the flaw could be exploited when a G1 user is tricked into visiting a malicious Web site. Malicious code on the website could then use this exploit to [...] [..] 
