Senior Security Researcher
1
Talks Delivered
1
Events Spoken At
1
Countries Visited
1
Years Speaking
1
Total Talks Given
I (@h4ckologic) am a cybersecurity researcher passionate about uncovering and addressing critical vulnerabilities in complex technology implementations. My work includes identifying and reporting issues to top tech companies like Apple, Google , Microsoft and many others, some of my CVES identified are Apple (CVE-2021-31001), PhantomJS (CVE-2019-17221), and NPM html-pdf (CVE-2019-15138). I’ve had the privilege of sharing my research at leading conferences, including NoNameCon, Ekoparty, and Hacktivity (2020); Hack in the Box and Romhack (2023); and HITB Bangkok and BSides Ahmedabad (2024). With a focus on practical solutions and deep technical insights, I’m dedicated to advancing security practices and contributing to the global infosec community.
Areas of Expertise
Presentation Types
Audience Types
In this talk, we will be discussing a critical security vulnerability we discovered in the Voice over LTE (VoLTE) interface of iOS devices, including iPhones and Apple Watches.
This vulnerability has been present in the iOS operating system since the inception of 4G VoLTE. We will shed light on the issue, its root cause, and how it arises due to improper implementation of GSMA guidelines, highlighting a design flaw in the implementation of the iOS IMS SIP agent.
We will delve into the technical details of the vulnerability, providing a comprehensive analysis of its impact on iOS devices and the potential risks it poses to users’ privacy and security. We will also explore the challenges faced during the discovery and disclosure of the vulnerability to Apple and discuss the response and mitigation measures taken by the company.
