Entries filed under 'Yulong Zhang'

Threat Research Blog

The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.

    FREAK Out on Mobile

    By Yulong Zhang, Zhaofeng Chen, Hui Xue, Tao Wei

    In this blog, we examine iOS and Android apps for their security status against FREAK attacks as clients.


    iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme Hijacking

    By Hui Xue, Yulong Zhang, Song Jin, Zhaofeng Chen, Tao Wei | Mobile Threats

    In November of last year, we uncovered a major flaw in iOS we dubbed "Masque Attack" that allowed for malicious apps to replace existing, legitimate ones on an iOS device via SMS, email, or web browsing. In total, we have notified Apple of five security issues related to four kinds of Masque Attacks. Today, we are sharing Masque Attack II in the series – part of which has been fixed in the recent iOS 8.1.3 security content update.


    An error has occurred


    Well that wasn’t supposed to happen. Something went wrong when trying to access this page. Please try again in a few minutes while we’re working on it.

    To send feedback about this error, click here.