CarolinaCon, which was to be hosted in Charlotte at the Embassy Suites April 10th through the 11th, 2020, has been postponed due to COVID-19.

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.

The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was purchased through the Packet Storm Bug Bounty program.

Cisco IP Phone version 11.7 denial of service proof of concept exploit.

Malbait is a honeypot written in perl. It creates fake servers and supports both TCP and UDP protocols, either singly or in combination. It outputs in CSV format as well as giving more detailed text reports. You can serve fake Telnet, FTP, SMTP, POP3, HTTP, TR-69, IMAP, asciitime, systat and echo servers, as well as serving blank or random output.

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Creative Zone suffers from a remote SQL injection vulnerability.

Apple iPhone 4 with iOS 4.3 (8F190) suffers from a passphrase disclosure vulnerability that allows all local processes access to it.

Checkview version 1.1 for iPhone / iPod Touch suffers from a directory traversal vulnerability.

iPhone/iPad Phone Drive version 1.1.1 suffers from a directory traversal vulnerability.

This is a brief whitepaper discussing how to perform forensics on iOS 5 on the iPhone.

IPhone TreasonSMS suffers from html injection and file inclusion vulnerabilities.

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

Air Transfer Iphone version 1.3.9 suffers from remote denial of service and unauthenticated file access vulnerabilities.

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.

Symantec Mobile Encryption for iPhone version 2.1.0 suffers from a denial of service vulnerability.

Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing.

An issue exists where a malformed iMessage can brick an iPhone. A method in IMCore can throw an NSException due to a malformed message containing a property with key IMExtensionPayloadLocalizedDescriptionTextKey with a value that is not a NSString.

Dr Samir Hamrouni, CEO of the World Free Zones Organization, outlines the attributes that are essential to flourishing free zones.

The UAE's DMCC takes home the top prize in fDi’s Global Free Zones of the Year for a fifth consecutive year. 

Skyjack takes over Parrot drones, deauthenticating their true owner and taking over control, turning them into zombie drones under your own control.

FDI into Latvia has recovered in recent years as the Baltic state has implemented stricter anti-money laundering procedures. Latvian minister of economics Ralfs Nemiro talks to Alex Irwin-Hunt about the progress made.

The chief executive of Ras Al Khaimah Economic Zone (RAKEZ), shares his views over the perks of free zones in emerging markets. 

Sub-Saharan Africa is the world’s fastest growing mobile phone market, but how can telecoms companies make the most of the huge opportunities the region provides?

Combining a strategic location with an investor-friendly environment, Egypt is ensuring its Suez Canal Economic Zone is primed for foreign investment. 

Sustainability is gaining traction in the creative industries, with the Italian region of Trentino designing a film production rating protocol that is being considered by the EU.

Serbia’s 15 free zones are driving forward an ongoing flurry of foreign investment in the country’s buoyant manufacturing scene, especially in automotives.

Covid-19 crisis has laid bare the weaknesses of global value chains around the world

Having opened new production facilities in Rwanda and South Africa, Mara Phones is looking to alter Africa's mindset from being a 'consumer' to being a 'manufacturer'. 

A government bailout for the ailing subsidiary of the telecoms powerhouse has fallen through. 

Global free zones may be spurring development in less economically developed countries