Followed by MOSEC iOS 8.3 jailbreak demo and dismissal of actual release date, the Pangu Team has announced in their official Weibo that they will be attending the Black Hat USA 2015, one of the top hacker conferences globally, and sharing about a topic captioned Review and exploit neglected attack surfaces in iOS 8.
Specifically, the presentation summary in detail:
The security design of iOS significantly reduces the attack surfaces for iOS. Since iOS has gained increasing attention due to its rising popularity, most major attack surfaces in iOS such as mobile safari and IOKit kernel extensions have been well studied and tested. This talk will first review some previously known attacks against these surfaces, and then focus on analyzing and pointing out those neglected attack surfaces. Furthermore, this talk will explore how to apply fuzzing testing and whitebox code auditing to the neglected attack surfaces and share interesting findings. In particular, this talk will disclose POCs for a number of crashes and memory corruption errors in system daemons, which are even triggerable through XPC (a lightweight inter-process communication mechanism) by any app running in the container sandbox, and analyze and share the POC for an out-of-boundary memory access 0day in the latest iOS kernel.
The presentation will be done by three gentlemen from the Pangu Team, namely Tielei Wang & HAO XU & Xiaobo Chen as you can see the pictures and introduction shown below:
Yet, there is no further update on the iOS 8.3 jailbreak from the team. We will keep you posted in case anything happens.
Source: Weibo; Black Hat