Archive for August 2015

How a bug in Visual Studio 2015 exposed my source code on GitHub and cost me $6,500 in a few hours

As a senior developer with over 12 years of experience in the financial services industry, I didn't think it was possible that I could ...
Read More

KeyRaider: iOS Malware Steals Over 225,000 Apple Accounts to Create Free App Utopia

Recently, WeipTech was analyzing suspicious Apple iOS tweaks reported by users and found over 225,000 valid Apple accounts with passwords s...
Read More

PoC for CVE-2015-1528, Exploiting Heap Corruption due to Integer Overflow in Android libcutil

This PoC is divided into three Parts, the folder mediaserver help to inject code into mediaserver from a normal application. the folder sur...
Read More

CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins

Details ================ Software: YouTube Embed Version: 3.3.2 Homepage: https://wordpress.org/plugins/youtube-embed/ CVE ID: CVE-2015-6...
Read More

[OSSA 2015-016] Information leak via Swift tempurls (CVE-2015-5223)

================================================== OSSA-2015-016: Information leak via Swift tempurls =====================================...
Read More

Spoofing and intercepting SIM commands through STK framework (Android 5.1 and below) (CVE-2015-3843)

I found this vulnerability while researching the possibility to intercept one-time password, which sent from bank to carrier to custom appl...
Read More

[OSSA 2015-015] Nova instance migration process does not stop when instance is deleted (CVE-2015-3241)

===================================================================================== OSSA-2015-015: Nova instance migration process does n...
Read More