Android Police

Articles Tagged:

android security

6

LG V60 is picking up its May security update on Verizon

Google has gotten a bit stricter with requiring OEMs to add Android's security updates over the years, but that doesn't mean companies are actually on board. LG's Software Update Center may be running at full power, but everything from last-minute bugs to carrier certification can hold up Android updates. It's almost July, but LG's new dual-screen capable device is only now receiving the May security patch.

Read More
46

Researchers finally discover how Android malware that could survive factory resets works

Earlier this year, a story made the rounds about a new kind of malware afflicting Android handsets. But it was this malware's pernicious nature that really made headlines, as it could even survive complete factory resets on afflicted phones. This insidious malware was named xHelper. At the time, we didn't know how it managed this impressive (but scary) achievement, but security researchers at Kaspersky have since dug into its inner workings, revealing an incredibly sophisticated system that installs itself to an Android phone's system partition, and even changes how the system works to prevent it from being "easily" removed.

Read More
41

Android 10 beta Galaxy S9 and Note9 iris scanners now support Google's new Biometric API

Samsung may have removed the iris scanner from its recent flagship devices like the Galaxy S10 and Note10, but it hasn't forgotten about it on earlier hardware. According to some Galaxy S9 and Note9 users in the Android 10 One UI 2.0 beta program, the company has updated the iris scanner in those phones to be compatible with Google's new Biometric API, a one-stop-shop for in-app user authentication.

Read More
50

Android camera app flaws left devices vulnerable to spying eyes (Update: App clarification)

A new security vulnerability has been discovered inside the Android camera app that potentially affects hundreds of millions of phones across the world. Discovered by a team of security researchers at Checkmarx, the exploit allows a malicious app with access to a phone's storage system to bypass Google's permission safety net and completely spy on users.

Read More
22

To the shock of no one, research paper shows 5G is vulnerable to all sorts of attacks

Although 5G is often touted for being newer, faster, and more secure than 4G, a team of security researchers from the University of Iowa and Purdue University has flipped the last bit of that marketing message on its head by discovering almost a dozen new 5G vulnerabilities. As a result of these breaches, they were able to carry out some nasty attacks like location tracking, broadcasting of false emergency alerts, and severing the 5G connection of a phone entirely from the network.

Read More
12

USB and Bluetooth accessories can be used to attack Android phones and spy on owners

A group of security researchers has discovered an exploit that lets Bluetooth and USB accessories wreak all sorts of havoc on multiple Android smartphones. In both cases, the door of entry was the cellphone modem, or baseband, which is found inside all smartphones.

Read More
42

[Update: Sprint, T-Mobile] US carriers launch system that could replace app passwords with your phone itself

Smartphone users already have several great options when it comes to password managers on Android, letting them log in to supported apps at the press of a button. Now they're being joined by ZenKey, a new service developed in collaboration with the four major US cell carriers that's looking to do away with individual passwords while claiming some robust security features of its own.

Read More
100

October Pixel patches now available via OTA files and factory images

Promptly on time, Google has released October's OTA files and factory images for the Pixels, as well as its general Android security bulletin for the month. At the same time, Verizon is pushing out the set of patches to Pixel users now. It's the second update to Android 9 Pie, and this time around there are no Pixel security patches — just a few functional patches including, most notably, what might finally be a fix for the 2016 Pixel fast charging bug.

Read More
32

Wi-Fi Alliance announces WPA3 security protocol for protecting wireless devices

The Wi-Fi Alliance has announced additional measures to secure wireless devices, following revelations last year about an oversight in the WPA2 specification which left devices vulnerable.

Read More
6

Google paid out $550k for Android Security Reward bounties in the last year, is upping bounty amounts

A year ago today Google announced Android Security Rewards, an expansion of its Vulnerability Rewards Program. Find a vulnerability, tell Google about it, help them fix the issue, and take home money. That's the concept, and it's a common one in the tech industry.

Google handed out over half a million bucks to 82 individuals over the past year. This averaged out to $2,200 per reward. Researchers averaged higher payouts, at $6,700. One, @heisecode, received $75,750 for 26 vulnerability reports. 15 researchers received $10,000 or more.

Read More
Mastodon