CBG in the News
Active VPN Bypass on Android KitKat – Disclosure Report
Following our second vulnerability report where we demonstrated an active VPN bypass on Android Jelly Bean 4.3 we have decided to further investigate the existence of the vulnerability on Android KitKat 4.4. At first we could not reproduce it with the original vulnerability code since KitKat has a modified security implementation. Following an elaborate investigation we were able to reproduce the same vulnerability where a malicious app can bypass active VPN configuration (no ROOT permissions required) and redirect secure data communications to a different network address. These communications are captured in CLEAR TEXT (no encryption)...
Read More ...Cyber Labs in the News
Recent news coverage: Samsung Phone Studied for Possible Security Gap / WSJIsraeli Researchers Point to Alleged Vulnerability in ...
Read More ...