Showing posts with tag . Show all posts
The vulnerabilities discovered in smartphones from LG

The Research team Check Point Research has discovered two vulnerabilities in pre-installed virtual keyboard flagship smartphones LG (LGEIME). Specialists Check Point confirmed the presence of vulnerabilities by testing the flagship device LG G4, LG G5, LG G6.

It is Reported that the discovered vulnerabilities could be used for remote code execution with elevated privileges on LG mobile devices. With their help it was possible to operate the keyboard, to use a Keylogger (keylogger), thereby to obtain access to confidential user data.


Chinese hackers broke into Google Pixel for 60 seconds

Qihoo 360 won the prize of 120 thousand dollars from Google that gave the search giant the information on the holes to patch.

Fresh flagships from Google, dubbed Pixel and Pixel XL has already hacked into, and very effectively - in just 60 seconds. It was done at the event PwnFest the white group of Chinese hackers who found and exploited a vulnerability in the software of the gadgets. The guys from Qihoo 360 showed how these smartphones, you can remotely run malicious code.


Android Pay is not working on smartphones with an unlocked boot loader

The security Issue is one of the most sensitive, especially if it concerns payment systems. Because of the promised ease and convenience, the developers have to take additional responsibility and obligations.


Vulnerability found in firmware of Xiaomi smartphones

Information on the official forums of the manufacturer about the app could not be found and the specialist tried himself to learn his destiny. Perform reverse engineering, he found out that the program every 24 hours associated with a vendor's server to check for firmware updates and maybe without participation of the owner in the background to download and install apk files, despite the fact that verifying a digital signature Broenink not found. Although the Xiaomi claim that the apk files are checked.

a Researcher from the Netherlands This Broenink has discovered a vulnerability in smartphones Chinese manufacturer Xiaomi. As the owner of Xiaomi Mi4, he found a strange AnalyticsCore app running in the background.


MIUI is updated - closed a serious hole in the firmware

If we consider only the devices Xiaomi, here downright a considerable army. Only in 2015, the company shipped more than 70 million gadgets with MIUI. They are vulnerable because the relevant bug for all firmwares up to version 7.2.xxxx Stable. However, in the latest firmware versions that exist for almost all devices, the vulnerability is already closed. We strongly recommend you to updated.

IBM X-Force found in the firmware MIUI, which gives us Xiaomi company, a serious vulnerability that enables the attacker to run on the user devices of arbitrary code. While MIUI installed only on devices Xiaomi, but also officially issued by the company and for devices of other vendors, and also unofficially ported craftsmen are not those devices that are not officially supported, but have an audience of users.


Heroes do not die: Anyone play Overwatch popular bloggers

May 24, Blizzard has released Overwatch — session multiplayer shooter in the new universe. The game holds the second month in the top streams on Twitch, and active base of players exceeds 7 million.


In Russia opened a stock exchange for the sale of vulnerabilities in popular software

Russia earned the first exchange for finding vulnerabilities in popular software: e.g. Windows, Adobe Flash, iOS, and so on.


Experts believe that iOS safer than Android

Around the Android and iOS regularly flare up scandals associated with safety. Suffice it to recall the critical Heartbleed vulnerability in certain versions of OpenSSL and hacking of iCloud with the "leaked" celebrity photos.


The smartphone Galaxy S6 Edge has 11 critical vulnerabilities

In 2014, Google created Project Zero to find and fix vulnerabilities in products from other companies. The error messages already received by Adobe and Microsoft, and now came the turn of Samsung.


HTC not ready to upgrade your smartphone every month

HTC may not join the initiative because he believes that it is simply impossible to fulfill. A month - too little time to produce and distribute to users updating the system. The representative of HTC America, John Mackenzie explained why he this idea seems utopian.

Some time ago, the public is alarmed the story of the vulnerability of Stagefright. After that, Google has suggested that it is possible to start to update smartphones every month to Android to close all possible security problems, that all happened quickly. The initiative was supported by several vendors: LG and Samsung. Recently the situation was expressed by the representatives of HTC, saying that it unrealistic promises.


Arbor No. 51: 5 serious vulnerabilities Android

Brief description of the most significant "holes" in the operating system from Google that have affected it during the period since last summer.


LG promises monthly updates security for Android smartphones

LG said that they are ready to release updates to close security holes of Android, ready to do it monthly. And such a news sounds definitely nice. However, there was a caveat that LG Will be releasing the updates, distributing them to operators. This means that operators will eventually be to issue updates to end users, and we know it's not a quick process. However, let's see what will happen with restricted devices.

Representatives LG recently communicating with the Wired talked about the fact that the company is ready to join the Alliance Samsung and Google according to the prompt release of patches Android security. This was done in response to the news about the vulnerability of Stagefright, which was exposed to most of the devices on the Android. The attack can be conducted through MMS.


The next vulnerability will turn your smartphone into a brick

Experts of company Trend Micro has published the results of a very interesting research during which it was discovered another vulnerability in the Android platform, using which attackers can turn our device into unusable bricks.


Google starts to pay money for an Android vulnerability

For the found vulnerabilities, the search giant pays quite generously. If you find a critical bug, then you can easily earn up to $ 2,000, but depending on the priority Google will pay up to $ 8,000.

I Want to make money crack Android. These headers can be found in some Western media. The thing is that now Google is starting to pay off for vulnerabilities found in the system to make Android as secure as possible for all users. The emphasis now is on the Nexus 6 and Nexus 9.


VKontakte willing to pay for their mistakes

Social network VKontakte announced the launch of a new program, the essence of which is to search for vulnerabilities within the service, the detection of which will be appropriately rewarded.


"VKontakte" will pay for the found vulnerabilities

The Russian social network "VKontakte" offered a new way to earn with it. It's not public and not ubiquitous advertising — a search for vulnerabilities and sending bug reports. Found the flaw and reported it received a certain amount of money. This was reported by Andrey Rogozov, head of operations. The whole process is based on the popular platform HackerOne.


Cambridge scientists have identified a new vulnerability in the Android platform

More than 500 million Android devices are a potential threat to their owners, say researchers at Cambridge University, who found the vulnerability of the mechanism of deletion of data when performing factory data reset.


The Map Maker service temporarily not working

Remember the incident with the Android robot peeing on Google maps? Yes, he was the reason for the temporary suspension of the operation of the service Map Maker.


Android has a vulnerability that could steal your fingerprints

Experts from the company FireEye, specializing in information security, has detected a dangerous vulnerabilities associated with biometric sensors on some Android devices.


Not closed the vulnerability of the Android installer for 42.5% of devices

Known as Time-of-Check Time-of-Use (TOCTTOU) vulnerability was first discovered in 2014 what was notified the programmers Google. Since then, the team Android released patches for Android 4.3 and above, but older versions of the system were not protected.

the Company, dealing with security, Palo Alto Networks reports that Android 4.2 and above (currently approximately 42.5% of the devices) vulnerability exists which can be used for the introduction of malware during the installation phase applications in the system from the user.