Einschränkung der Auswahl
Alle Artikel aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2008/2009
oder nur Artikel des
• Entwickler Magazin aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2008-2010
alle (lang!)
• Mobile Technology aus
2019
2016
2015
2014
2012/2013
alle (lang!)
• PHP Magazin / PHP User aus
2019
2018
2017
2016
2015
2014
2013
2012
2011
2009/2010
alle (lang!)
• windows.developer / dot.Net Magazin aus
2019
2018
2017
2016
2015
2014
2013
2012
2008-2011
alle (lang!)
• oder der anderen Magazine
Mobile Technology 4.2015 - Stagefright und Certifi-gate bei Android
Im Magazin
Mobile Technology 4.2015
ist ein Artikel über die auf der Black Hat USA 2015 vorgestellten
Schwachstellen in und Angriffe auf Android wie Stagefright und Certifi-gate
erschienen.
Links
- [1] Joshua J. Drake , Z Team; Zimperium Mobile Security Blog: "Experts Found a Unicorn in the Heart of Android"
- [2] Android Open Source Project: Media
- [3] Carsten Eilers: "2014 - Das Jahr, in dem die Schwachstellen Namen bekamen"
- [4] Paul Ducklin; Sophos Naked Security: "The "Stagefright" hole in Android - what you need to know"
- [5] Symantec Security Response; Symantec Security Response Blog: "Stagefright vulnerabilities pose serious threat to Android users"
- [6] Sean Michael Kerner; eWeek: "Android Stagefright Flaw Puts Hundreds of Millions of Users at Risk"
- [7] Wei Wei; LinkedIn: "Insight of Stagefright Flaws"
- [8] Filip Chytry; Avast Blog: "Big Brother(s) Could be Watching You Thanks to Stagefright"
- [9] Michael Mimoso; Threatpost: "Android Stagefright Flaws Put 950 Million Devices at Risk"
- [10] Android Open Source Project: "Security Enhancements"
- [11] Aarti Shahani; NPR: "Major Flaw In Android Phones Would Let Hackers In With Just A Text"
- [12] Greg Baugues; Twilio Blog: "How to Protect Your Android Phone From the Stagefright Bug"
- [13] Avast FAQ ¦ Mobile Security: "Protect your mobile device from Stagefright – new Android vulnerability"
- [14] Bruce Schneier; Schneier on Security: "Stagefright Vulnerability in Android Phones"
- [15] Alex Hern; The Guardian: "Stagefright: new Android vulnerability dubbed 'heartbleed for mobile'"
- [16] Wish Wu; TrendLabs Security Intelligence Blog: "Trend Micro Discovers Vulnerability That Renders Android Devices Silent"
- [17] Thomas Fox-Brewster; Forbes: "Russian 'Zero Day' Hunter Has Android Stagefright Bugs Primed For One-Text Hacks"
- [18] Z Team; Zimperium Mobile Security Blog: "How to Protect from StageFright Vulnerability"
- [19] CyanogenMod: "Recent Stagefright issues"
- [20] Wish Wu; TrendLabs Security Intelligence Blog: "MMS Not the Only Attack Vector for "Stagefright""
- [21] Qever; Cheetah Mobile Security Center: "Revisited Stagefright vulnerability --POC and EXP" (via Google Translate chinesisch-englisch)
- [22] Wish Wu; TrendLabs Security Intelligence Blog: "Android MediaServer Bug Traps Phones in Endless Reboots"
- [23] CVE-2015-3823
- [24] Joshua Drake; Black Hat USA 2015: "Stagefright: Scary Code in the Heart of Android" (Video auf YouTube)
- [25] CVE-2015-1538
- [26] CVE-2015-1539
- [27] CVE-2015-3824
- [28] CVE-2015-3826
- [29] CVE-2015-3827
- [30] CVE-2015-3828
- [31] CVE-2015-3829
- [32] Carsten Eilers: "Schutzmaßnahmen: ASLR gegen Pufferüberlauf-Schwachstellen"
- [33] Carsten Eilers: "Schutzmaßnahmen: ASLR kann unterlaufen werden"
- [34] Z Team; Zimperium Mobile Security Blog: "Stagefright: Vulnerability Details, Stagefright Detector tool released"
- [35] Adrian Ludwig; Official Android Blog: "An Update to Nexus Devices"
- [36] SamsungTomorrow: "Samsung Announces an Android Security Update Process to Ensure Timely Protection from Security Vulnerabilities"
- [37] Lisa Vaas; Sophos Naked Security: "Stagefrightened Google, Samsung to push out monthly Android fixes"
- [38] Ronald Eikenberg; heise Security: "Telekom schaltet MMS wegen Android-Lücken ab"
- [39] Z Team; Zimperium Mobile Security Blog: "Stagefright wakes up the mobile eco-system"
- [40] Jordan Gruskovnjak, Aaron Portnoy; Exodus Intelligence: "Stagefright: Mission Accomplished?"
- [41] CVE-2015-3864
- [42] Wish Wu; TrendLabs Security Intelligence Blog: "MediaServer Takes Another Hit with Latest Android Vulnerability"
- [43] CVE-2015-3842
- [44] Wish Wu; TrendLabs Security Intelligence Blog: "Revisiting CVE-2015-3823: Mediaserver Bug Leads To Heap Overflow, Too"
- [45] Deutsche Telekom: "Schutz vor Android-Schwachstelle: Telekom vereinfacht MMS-Empfang"
- [46] zLabs; Zimperium Mobile Security Blog: "The Latest on Stagefright: CVE-2015-1538 Exploit is Now Available for Testing Purposes"
- [47] Ron Amadeo; Ars Technica: "First-ever monthly Android security updates start to roll out"
- [48] Mark Brand; Project Zero: "Stagefrightened?"
- [49] Ohad Bobrov, Avi Bashan; Black Hat USA 2015: "Certifi-gate: Front-Door Access to Pwning Millions of Androids"
- [50] Check Point Research Team; Check Point Blog: "Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned"
- [51] Android Developers: Binder
- [52] Check Point Research Team; Check Point Blog: "New Insights on the Extent, Exploitation, and Mitigation of This New Threat"
- [53] Wen Xu; Black Hat USA 2015: "Ah! Universal Android Rooting is Back"
- [54] CVE-2015-3636
- [55] Adrian Ludwig; Black Hat USA 2015: "Android Security State of the Union" (Präsentation dazu)
- [56] Di Shen; Black Hat USA 2015: "Attacking Your Trusted Core: Exploiting Trustzone on Android"
- [57] CVE-2015-4421
- [58] CVE-2015-4422
- [59] Daniel Mayer, Drew Suarez; Black Hat USA 2015: "Faux Disk Encryption: Realities of Secure Storage on Mobile Devices"
- [60] Yulong Zhang, Tao Wei; Black Hat USA 2015: "Fingerprints on Mobile Devices: Abusing and Leaking"
- [61] Guang Gong; Black Hat USA 2015: "Fuzzing Android System Services by Binder Call to Escalate Privilege"
- [62] Yeongung Park, Jun Young Choi; Black Hat USA 2015: "THIS IS DeepERENT: Tracking App Behaviors with (Nothing Changed) Phone for Evasive Android Malware"