This Metasploit module abuses some Safari functionality to force the download of a zipped .app OSX application containing our payload. The app is then invoked using a custom URL scheme….
>> CATEGORY: Apple
Apple Security Advisory 2014-02-25-1 – OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues including the recent SSL vulnerability.
Apple Security Advisory 2014-02-25-2 – Safari 6.1.2 and Safari 7.0.2 is now available and addresses an issue where visiting a maliciously crafted website may lead to an unexpected application termination…
Apple Security Advisory 2014-02-25-3 – QuickTime 7.7.5 is now available and addresses multiple security issues related to denial of service and arbitrary code execution.
Apple Security Advisory 2014-02-21-3 – Apple TV 6.0.2 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed…
Apple Security Advisory 2014-02-21-1 – iOS 6.1.6 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed by…
Apple Security Advisory 2014-02-21-2 – iOS 7.0.6 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed by…
Apple Security Advisory 2014-02-11-1 – Boot Camp 5.1 addresses a security issue. A bounds checking issue existed in the AppleMNT.sys driver’s parsing of Portable Executable files. If a Portable Executable…
Apple Security Advisory 2014-01-22-1 – iTunes 11.1.4 is now available and addresses multiple security issues related to content control, code execution, and more. libxml and libxslt have also been updated…
Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your…