About nine months ago, Rootjunky managed to bypass the factory reset protection (FRP) on Samsung devices simply by inserting an OTG drive into the phone and installing an app. Then, two months later, he found a vulnerability on LG phones; this time, he circumvented FRP by using talkback settings to open a browser, downloading an APK that opened settings, adding a new user, switching back to the main account, and then resetting without FRP. However, this new exploit for Samsung phones might be the most ingenious yet.
Factory reset protection was added to Android with 5.1 Lollipop, but since different OEMs use different variations of Android, vulnerabilities can arise. Read More
Samsung has been diligent about releasing its security patch bulletin along with Google at the beginning of every month, but this month, it took the lead and published the details before even Google got around to doing so.
The report lists the different Android Security Bulletin patches issued by Google to AOSP, which are quite numerous this month. There are 9 critical patches, 26 high-severity ones, 9 moderate, and no low severity patches. As for Samsung's Vulnerabilities and Exposures, 4 new ones have been patched with this release, but the bulletin keeps two a secret probably as to not compromise any devices that might be unguarded and have not already or will not receive the security update. Read More
Verizon has begun rolling out an update for the Galaxy Note Edge that should address the vulnerability in Stagefright, one of Android's media libraries, that could potentially compromise a user's device. This is the first Stagefright-related fix we're aware of Verizon rolling out.
Of course, the changelog doesn't specifically mention Stagefright... but it's really obvious that's what it's for, given the timing of the update and terseness of the document. You can probably expect a slew of Samsung Stagefright fixes (as well as other OEMs, of course) on Verizon to follow, if this is any sign. Read More
This morning, a company called NowSecure published an exploit claiming to affect SwiftKey on Samsung devices that they assert could impact "600 million+" devices. Well, maybe.
While we cannot verify the true seriousness of the security flaw were an attacker to successfully manage to exploit it, we were able to verify something substantially more important to end user safety - it does not affect the SwiftKey app, only the built-in Samsung IME which is partly developed by SwiftKey. Read More
Verizon isn't making many friends when it comes to keeping private information private. Just two days after news broke that Verizon Wireless is collecting and in some cases selling web browsing info, its parent company has been given a black eye for insecure practices associated with the FiOS Internet service. Security researcher Randy Westergren discovered a way to access any FiOS user's Verizon email account by using the mobile API.
The message is, "You really shouldn't be using this app. Or the free email we gave you. At all."
Westergren's discovery and his explanation are highly technical, but what it boils down to is that he could substitute the username (and only the username) of a Verizon FIOS email user in a particular API script in order to access that account. Read More
Ask anybody that spends time in the security circles and they'll tell you that every large software project is bound to have a few long-standing vulnerabilities in the code. Fortunately, there are usually a few people who are paid to close up those holes so you, the customer, don't find yourself the victim of nefarious evildoers someday. Like so many before it, the latest update to Android came with a boatload of changes, at least one of which fixes a potentially dangerous vulnerability that can be used for numerous attacks, including a way to acquire root.
As described in a post on the Cassidian CyberSecurity blog, the vulnerability exists in a system component known as VOLD (Volume Management daemon). Read More
Described by the Wall Street Journal as "a vulnerability that could allow malicious software to track emails and record data communications," a potential vulnerability in Samsung's Knox platform was discovered in late December by researchers at Israel's Ben-Gurion University. The researchers said the vulnerability would allow those with malicious intent to "easily intercept" secure data from Knox users. Samsung's initial response was that the problem may be less serious than researchers implied, and that it would investigate the situation thoroughly. Resolving - or at least addressing - the issue would be an important step for Samsung, as it hopes to position its Knox-enabled devices as viable options for those in need of tight security. Read More
The second annual Mobile Pwn2Own competition, run by HP TippingPoint's Zero Day Initiative, is fast approaching. This year's event will take place at the PacSec Applied Security Conference in Tokyo from November 13-14, and over $300,000 in cash and prizes is up for grabs. The Pwn2Own contest challenges security researchers to find and exploit vulnerabilities on mobile devices and rewards them by giving them the device they were able to compromise. In short, a contestant must "pwn" a device in order to own it. This year's event is sponsored by Google's Android Security Team and BlackBerry.
Contestants can receive $50,000 for compromising a mobile device using Bluetooth, Wi-Fi, USB, or NFC. Read More
When it comes right down to it, few things are much scarier than finding out somebody can track your movements, read your call log and text messages, and even record audio and take pictures of whatever the phone can get, all without your knowledge. Here's the thing - as careful, security-conscious people, many of us already install software like that for our own purposes, usually to recover a phone in the event it should fall into the hands of thieves. Like a weapon intended for protection, sometimes our best defenses can be turned against us.
It was recently discovered that Cerberus anti theft, a tool we've talked about a few times in the past, has a weakness in its network protocol that allows a determined hacker to use brute-force methods to find the IMEI numbers of user devices and ultimately invoke any of Cerberus's functions. Read More