Android Police

Articles Tagged:

vulnerability

4

Your phone (and everything else) might be vulnerable to 'frag' attacks over WiFi

Your phone (and everything else) might be vulnerable to 'frag' attacks over WiFi

Just days after we heard about the Qualcomm vulnerability that could let hackers listen to your calls, a security researcher has brought to light several Wi-Fi vulnerabilities, some of which even relate to the Wi-Fi standard itself. The new findings affect not just your phones, tablets, and laptops but just about any device that uses the technology that wirelessly connects to the internet.

Read More
82

Samsung phones already protected against modem vulnerability that lets hackers listen to your calls

Samsung phones already protected against modem vulnerability that lets hackers listen to your calls

Google and other Android manufacturers try to keep on top of the hardware and software security, at varying degrees of intensity. But a vulnerability in widely-used Qualcomm SoCs disclosed by Check Point Research today was particularly alarming. It could theoretically allow a malicious app to patch the software for Qualcomm's MSM modem chips, giving it access to call and text history or even the ability to record conversations. Thankfully, most Samsung phones have already received a patch fixing the problem, and the rest is in for an update next month.

Read More
27

SHAREit app with over a billion installs suffers security vulnerability days before US ban

SHAREit app with over a billion installs suffers security vulnerability days before US ban

The popular SHAREit app isn't just set to be banned in the US in the next three days; it was also apparently vulnerable to a (slightly convoluted) attack. The technical details are a bit of a slog, but in short, the app could indirectly allow for the execution of arbitrary code remotely, read or overwrite the app's local files, or even allow for third-party APKs to be installed. Developers of the app, which claims over a billion installs at the Play Store, were notified of the vulnerability three months ago, but according to Trend Micro, they haven't done anything to address it.

Read More
3

Google patched a major zero-day vulnerability in Chrome — update now

Google patched a major zero-day vulnerability in Chrome — update now

Yesterday, Chrome was patched to fix a major vulnerability discovered by researchers, which was actively exploited in the wild. Precise details aren't known right now, but an update rolled out for Chrome yesterday, and you'd be wise to install it as soon as you can.

Read More
3

Twitter finally gets around to patching Android app security hole... 22 months later

Twitter finally gets around to patching Android app security hole... 22 months later

Twitter has patched its app from a vulnerability within Android that could let a malicious app siphon users' private date — including their direct messages — while bypassing system permissions. Every Twitter for Android user was notified about the security hole which affects users on versions 8 Oreo and 9 Pie.

Read More
4

WhatsApp fixes issue that exposed some users' phone numbers to search engines

WhatsApp fixes issue that exposed some users' phone numbers to search engines

Facebook went on a whack-a-mole expedition patching a security vulnerability that exposed thousands of WhatsApp users' phone numbers with a fairly simple Google search. The Indian researcher who found this loophole is also crying foul for not being able to receive a bounty for his bug find.

Read More
22

MediaTek security vulnerability allowed root access on devices from Nokia, Amazon, BLU, Sony, ZTE, and others

MediaTek security vulnerability allowed root access on devices from Nokia, Amazon, BLU, Sony, ZTE, and others

Security vulnerabilities are unfortunately extremely common in smartphones, given the complexity and varying codebases of most devices. That's why Google has been releasing monthly security patches for years, and if you needed another reason for why those updates are so important, the March 2020 release fixes a critical flaw on many MediaTek devices.

Read More
7

Mozilla patches zero-day exploit for Firefox desktop and Android browsers (APK Download)

Mozilla patches zero-day exploit for Firefox desktop and Android browsers (APK Download)

Mozilla has patched a zero-day exploit in late revisions to Firefox 72 and version 68 of the Android web browser. In a security advisory, the company said that it was made aware of "targeted attacks in the wild abusing this flaw."

Read More
54

[Update: Patched] Pixel, Samsung, and Xiaomi phones among those susceptible to resurfaced zero-day vulnerability

[Update: Patched] Pixel, Samsung, and Xiaomi phones among those susceptible to resurfaced zero-day vulnerability

Android security has come a long way in recent years. The promotion of monthly patches has kept many rising threats at bay while Google Play Protect largely bars malware from the Play Store. Despite these achievements, there are still instances where bad actors can exploit Android's code for nefarious purposes. Google's Project Zero team recently reported such an incident, and you may be at risk if you own one of the affected phones.

Read More
10

KNOB Attack compromises Bluetooth security, but fix is already hitting Android

KNOB Attack compromises Bluetooth security, but fix is already hitting Android

A research team has publicized about a vulnerability in Bluetooth that may affect nearly every device that supports the wireless communication protocol. Chipmakers were made aware to the so-called Key Negotiation of Bluetooth (KNOB) Attack in November. BlackBerry and Google have announced patches for Android devices.

Read More
Mastodon