“Zero-click” mobile phone attacks – and how to avoid them

Last year, we wrote about an conference paper from Google’s Project Zero with the catchy title Look, no hands! – The remote, interaction-less attack surface of the iPhone.

One of the researchers involved in that project has just published an interesting follow-up article on the Project Zero blog,

This article doesn’t have the intriguing, PR-friendly title of the conference paper, because it’s written in just two words of jargon: Fuzzing ImageIO.

But for cybersecurity researchers interested in how and why apps misbehave, those two words definitely are attention-grabbing.Fuzzing is a bug-hunting technique that you might call 60% science, 30% art, 25% alchemy and a lot of patience.

Sophos


Posted on May 1, 2020


by Jos


Logo earth Isoc