News

Bleeping Computer

Google finds more Android, iOS zero-days used to install spyware

Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install commercial spyware and malicious apps on targets' ...
Fox News

New Android attack tricks you into giving dangerous permissions

A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform’s permission system. The technique, named TapTrap, uses user interface ...
SC Media

Metasploit OWC ActiveX Exploit

HD Moore has released a second IE 0 day Metasploit Exploit Module in the past 2 weeks. The Office Web Component Exploit in Metasploit was committed to the Dev 3.3 SVN and will attack the vulnerability ...

Google patches active Android exploits in its September update

To check for updates, go to Settings > Security & Privacy > System & Updates > Security Update, then follow the prompts to ...
Network World

Metasploit’s HD Moore from (almost) rags to (not quite) riches

Last week, I got on the phone with HD Moore to ask him how things have been going since he sold Metasploit to Rapid7, sending the open source security world into a frenzy some six months ago. Rapid7 ...
Computerworld

Exploit-powered Android Trojan uses update attack

A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security researchers from Finnish antivirus vendor F-Secure.