#FreeTheSandbox
@FreeTheSandbox
An official account for the #FreeTheSandbox Initiative that promotes local admin rights on *our* smartphones. It's simple: Local admin = more innovation!
A friendly reminder: hundreds of organizations develop, and sell / resell offensive cyber capabilities vs. smartphones. Oftentimes, zero-clicks. And yet, as of April 4th, 2021 - the sandbox developed by @Apple and @Google actively helps them to hide. It's time to #FreeTheSandbox
You may want to stay on 15.6 if you aim for full access to your device. It is unfortunate that we must keep the device in a vulnerable state to get a local admin on our phone... but this is the reality. Hopefully it will be fixed soon with #FreeTheSandbox
[IMPORTANT] Using an iPhone or iPad? Make sure to update to the latest iOS and iPadOS that fixes two vulnerabilities that may have been exploited in the wild in one-click and potentially also zero-click attacks! More details on Apple's website: support.apple.com/en-us/HT213412
Fake Droids: Your New Android Device is Actually an Old Android 6 via @ZecOps Blog blog.zecops.com/research/fake-…
Surprise surprise! Another day another 0day exploited in the wild bleepingcomputer.com/news/security/… Incremental patches/mitigations will never work against determined individuals. The only thing that will help to reduce mass surveillance on mobile phones is more eyes. #FreeTheSandbox 👊
YouTube: Fake shutdown simulation using NoReboot persistence technique
[New Research] iOS Persistence without "Persistence": Meet The Ultimate Persistence Bug - #NoReboot via @ZecOps Blog blog.zecops.com/research/persi…
iOS 15.2 is out and it is wild. Many remote and local security issues. If you care about your iPhone/iPad security you should update soon. [Source: support.apple.com/en-us/HT212976]
How iOS Malware Can Spy on Users Silently? blog.zecops.com/research/how-i… via @ZecOps blog (POC included)
The day is coming. Consumers are waking up. Saying "no more" - you can't secure the platform 100% by definition - let us try too. #FreeTheSandbox #LocalAdminOnMobile #TheSpiceMustFlow
Mobile is a platform where attackers get better access than the victim trying to protect themselves, example #28241: Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks thehackernews.com/2021/11/google…
<3 @ZecOps
[iOS 15.1 Update]: Use-After-Free in Voice Control: CVE-2021-30902 Write-up via @ZecOps Blog blog.zecops.com/research/use-a…
Team PangU pwned iPhone13 Pro remote jailbreak on the day1 of TianfuCup, will take $300k as reward and ranked as #1 currently.
[BREAKING] CVE-2021-30858 iOS WebKit RCE 0-day in the wild: googleprojectzero.github.io/0days-in-the-w… including POC. Can be chained with CVE-2021-30883 and used in 1-clicks and water-holing attacks against iOS users. Update to the latest version as soon as possible.
We can confirm that the recently patched iOS 15.0.2 vulnerability, CVE-2021-30883, is also accessible from the browser: perfect for 1-click & water-holing mobile attacks. This vulnerability is exploited in the wild. Update as soon as possible.
[BREAKING] @Apple just released iOS 15.0.2 and patched CVE-2021-30883, yet another vulnerability in IOMobileFrameBuffer, that was *exploited in the wild*. [ACTION REQUIRED] Update your iOS devices as soon as you can.
The time has come 🥶. #FreeTheSandbox
Some technical details and POC of the IOMFB Integer (CVE-2021-30883) Overflow are already available by the fantastic @AmarSaar saaramar.github.io/IOMFB_integer_…
This vulnerability is possibly related to: CVE-2021-30807, also in IOMobileFrameBuffer, that was patched in iOS 14.7.1. The vulnerability provides attackers with kernel privileges after they already gained initial code execution capabilities on the device.
Tapping “trust” on idevices then entering recovery mode over wireless (which is an old iOS feature) is the new RCE.