Security Alerts & News
by Tymoteusz A. Góral

History
#1725 Powerful backdoor/rootkit found preinstalled on 3 million Android phones
Almost three million Android phones, many of them used by people in the US, are vulnerable to code-execution attacks that remotely seize full control of the devices, researchers said Thursday.

Until recently, the flaw could have been exploited by anyone who took the time to obtain two Internet domains that remained unregistered despite being hardwired into the firmware that introduced the vulnerability. After discovering the vulnerability, researchers from security ratings firm BitSight Technologies registered the addresses and control them to this day. Even now, the failure of the buggy firmware to encrypt communications sent to a server located in China makes code-execution attacks possible when phones don't use virtual private networking software when connecting to public hotspots and other unsecured networks.
Read more
#1726 Android user locked out of Google after moving cities
#1725 Powerful backdoor/rootkit found preinstalled on 3 million Android phones
#1724 Second Chinese firm in a week found hiding backdoor in firmware of Android devices
#1723 iPhones vulnerable to yet another lockscreen bypass
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12