Apple has released an update to fix comex’s recent .pdf exploit used by jailbreakme.com to jailbreak iDevices.
You must use iTunes to update your device. This update is not available through Apple Software Update
For more information on the security update Apple Security Updates web site: http://support.apple.com/kb/HT1222
updated 9.11.09
More variants of iPhone malware are showing up, some claiming to gather personal data from phones. Don’t be surprised with the source code for ikee circulating that more nefarious malware will be coming soon.
JailBroken phone w/ alpine default pswd = pwned phone or a honeypot 
iPhone ikee Virus
In the past week or so at least four variants of simple worms that look for default ssh passwords on Jail Broken iPhones and replace the backgrounds screens have turned up. The one in the Netherlands is asking users to paypal 5 € to have it fixed.
JD has an interview with the Australian writer ikee and two versions of the source code are available for research purposes. This variant scans a list of subnets for exploitable iPhones and pwns them replacing the background image with a custom one.
Affected users are iPhone users that have JailBroken their phones and NOT changed their default ssh password of alpine. Take a look here at Saurik’s page with detailed instructions on changing your ssh password.
At the Black Hat security conference on last week, security researcher Dino Dai Zovi presented a proof-of-concept rootkit that runs on Apple’s Mac OS X operating system, underscoring the fact that all software has flaws. Dai Zovi’s proof-of-concept rootkit is called Machiavelli, a reference to the Mach kernel that underpins Mac OS X.
“Machiavelli consists of a Mach proxy server on the local controlling host and a number of remote agent servers that run on remote compromised hosts,” Dai Zovi explains in a technical paper that describes his work. “On the controlling host, rootkit management utilities obtain a proxy Mach port from the proxy server and use it just as a normal application would use a local Mach port.”
With his presentation complete, Dai Zovi plans soon to release several Mac software tools related to his research on his Web site. These include: Inject Bundle, for data injection; iChatSpy, code for logging instant messages; SSLSpy, for logging SSL traffic; iSightSpy, for capturing a single frame from any Apple iSight camera; Machiavelli, for remotely controlling a compromised system; and Uncloak, a rootkit identification tool.
Safari prior to version 4 may permit an evil web page to steal files from the local system.
Full techinical details – http://scary.beasts.org/security/CESA-2009-006.html
Blogpost – http://scarybeastsecurity.blogspot.com/2009/06/apples-safari-4-fixes-local-file-theft.html
(includes 1-click demos)
Phrack #66 was released today with some always interesting articles - Developing Mac OS X kernel rootkits by wowie & ghalen
A memory corruption vulnerability exists in Apple Safari which allows a remote attacker to execute arbitrary code through a malicious webpage.
Content © hard-mac.com. Proudly powered by WordPress. To bookmark this site, press Control+D.
"Black Hat" theme by Nicki Faulk. For best results, please view with Firefox. [ Log in ]