Experts from the Norwegian company Promon discovered vulnerability in Android, which allows malicious applications to modify legitimate and perform malicious operations on their behalf. The vulnerability, called StrandHogg, could trick the user into granting dangerous privileges to a malicious application, and when the user interacts with the application legitimately. Also, the bug can be used…
Tag: devices
A law was written on the mandatory preinstallation of Russian software on various devices
Today, December 2, 2019, Russian President Vladimir Putin signed law, which will come into force on July 1, 2020 and will oblige manufacturers to preinstall Russian applications on smartphones and other devices intended for sale in our country. It is interesting that on the eve of the Russian Association of Trading Companies and Manufacturers of…
Vulnerabilities in Qualcomm Chips Could Allow Critical Data Disclosure on Devices
Check Point Experts discoveredThat problems in the Qualcomm Secure Execution Environment threaten tens of millions of Android devices. Vulnerabilities allow attackers to steal critical data stored in protected parts of the device. Qualcomm Secure Execution Environment (QSEE) is an implementation of the Trusted Execution Environment (TEE) based on ARM TrustZone technology. In fact, it is…
TPM-FAIL Vulnerabilities Threaten PCs, Laptops, Servers, and Other Devices
A joint group of researchers from the Worcester Polytechnic Institute (USA), the University of Lubeck (Germany) and the University of California at San Diego (USA) revealed details of two problems, collectively called TPM-FAIL. Bugs related to Trusted Platform Module (TPM) and allow you to retrieve cryptographic keys stored in TPM. The danger of TPM-FAIL is…
Thousands of QNAP NAS devices infected with QSnatch malware
Finland's National Cybersecurity Center (NCSC-FI) last week warned about the emergence of a new malware infecting QNAP NAS devices. Now a warning about a new threat published and German CERT experts, stressing that the QSnatch malware has already infected more than 7000 devices in Germany alone. How exactly QSnatch is distributed is still unclear, however,…
XHelper “undeletable” Trojan infected 45,000 Android devices
XHelper was first noticed by experts in the spring of this year, but the first detailed report on the problem appeared in August, when experts Malwarebytes reported that the malware had already infected 35,000 devices. Now a new review of malware has been published by experts Symantecwho claim that the number of infected devices has…
Google will replace Home and Mini devices that fail due to firmware update
A few weeks ago on Google forums (one, 2, 3), As well as on Reddit (one, 2) Messages began to appear from worried users of Google Home and Google Home Mini devices who were affected by an unpleasant problem: their gadgets stopped working in bricks after updating the firmware. It is worth saying that Google…
Millions of Amazon Echo and Kindle devices vulnerable to KRACK
In the fall of 2017, a consolidated group of information security specialists disclosed information about a complex of vulnerabilities in WAP2, called KRACK (abbreviation for Key Reinstallation Attacks). KRACK included 10 different CVEs, using which an attacker can take advantage of the weakness of the four-element WPA2 handshake. In fact, the criminal can force devices…