Recently, Bluebox Security announced there is a vulnerability in Android that allows a crack to modify APK code and bypass the APK certificate mechanism. The vulnerability is named Master Keys Vulnerability and will be released by Bluebox Security at Black Hat USA 2013. (http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/) After AegisLab analysis, some of Sony and Samsung using Android 4.2 […]

Follow

AegisLab found a malicious URL：hxxp://update-critical.com，it would detect your browser and redirect you to the fake browser updating website respectively! We discovered there are three types of these fake browser updating websites! AegisLab also found the similar case before：『 安全通報2013-01-03: SEO汙染,瀏覽器更新請注意!! 』，it's not a new trick! Moreover，hackers add instructions and following steps in these fake browser updating websites! IE：hxxp://update-critical.com → hxxp://update-critical.com/ie/ie.html → hxxp://update-critical.com/ie/IEUpdate.exe   […]

Follow