AndroRAT exploits older Android vulnerability

Trend Micro researchers detected a new variant of Android Remote Access Tool (AndroRAT) that targets an older publicly disclosed vulnerability (CVE-2015-1805) that allows an attacker to compromise older Android devices to perform privilege escalation.

Continue Reading AndroRAT exploits older Android vulnerability

Lenovo warns of critical WiFi vulnerabilities

Lenovo warned its customers about two critical Broadcom WiFi vulnerabilities that affect 25 ThinkPad models. The firmware vulnerabilities impact Broadcom’s BCM4356 Wireless LAN Driver for Windows 10 and contain buffer overflow flaws.

Continue Reading Lenovo warns of critical WiFi vulnerabilities

Apple’s iPhone ‘iBoot’ source code leak

Someone has posted to GitHub the purported source code for a critical component for iPhone's bootloader or "iBoot." Access to iBoot code could allow hackers to find vulnerabilities in iOS that could be exploited in the future. iBoot is responsible for ensuring the trusted boot of the mobile operating system, in a sense like iPhone's BIOS.

Continue Reading Apple’s iPhone ‘iBoot’ source code leak