Android Vulnerability - Security Intelligence

news

Pegasus Spyware Introduces Itself to Android

Chrysaor, a variant of Pegasus spyware, has appeared on a small handful of Android devices and surveils users with a variety of techniques.

April 6, 2017 | By Larry Loeb

news

article

Going Inside an Arbitrary Kernel Write Vulnerability in the Nexus 9 (CVE-2016-3873)

The IBM X-Force Application Security Research Team discovered an arbitrary write vulnerability in Nexus 9's kernel, putting application data at risk.

January 17, 2017 | By Sagi Kedmi

article

An Android Nexus 6 device lying on a table.

article

Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes

X-Force researchers disclosed several Android vulnerabilities that could enable cybercriminals to use custom boot modes to take over Nexus 6 and 6P modems.

January 5, 2017 | By Roee Hay

article

This Nexus 5X vulnerability could have been exploited by physical attackers with ADB, or Android Debug Bridge, access to the device. A nonphysical attacker could gain ADB access by infecting an ADB-authorized developer's PC with malware.

article

Undocumented Patched Vulnerability in Nexus 5X Allowed for Memory Dumping via USB

The IBM X-Force Application Security Research Team discovered a previously undocumented vulnerability in older versions of Nexus 5X's Android images.

September 1, 2016 | By Roee Hay

article

Quadrooter targets vulnerabilities on factory-installed Qualcomm chips. The four new privilege exploits let attackers access saved data, change or remove system files, delete or add apps, and access virtually all phone services.

news

Quadruple Threat: Qualcomm Chips Ramp Up Rooting Risk of 900 Million Androids

Quadrooter, a set of four privilege escalation vulnerabilities, allows attackers to access user data by exploiting flawed Qualcomm chips.

August 9, 2016 | By Douglas Bonderud

news

A popular tactic for cybercriminals involves leveraging OmniRAT, a remote administration tool, to send messages to victims' smartphones and trick them into handing over access to their smartphones. This could lead to data theft and other risks.

news

OmniRAT Takes Over Android Devices Through Social Engineering Tricks

Cybercriminals could be leveraging remote tools such as OmniRAT to take over Android devices and steal data from unsuspecting victims.

November 6, 2015 | By Shane Schick

news

Security researchers from Google's Project Zero have discovered 11 high-impact issues in Galaxy S6 Edge mobile devices. While manufacturers worked for months to proactively fight these security problems, the researchers uncovered them in less than a week.

news

Google’s Project Zero Discovers 11 Security Issues in Galaxy S6 Edge

The team at Google's Project Zero has discovered 11 high-impact security issues in Galaxy S6 Edge devices, and Samsung is moving to patch quickly.

November 5, 2015 | By Shane Schick

news

The Certifi-gate Android vulnerability could pose major authentication problems for owners of Samsung or LG smartphones. Patches have yet to be deployed, leaving many users scrambling to check their own mobile security and vulnerabilities.

news

LG, Samsung Phones at Risk of Certifi-gate Android Vulnerability

A new Android vulnerability has come into the spotlight, causing some Samsung and LG smartphone users to think twice about their authentications.

August 26, 2015 | By Shane Schick

news

Application security is a priority for many mobile users, but even the most advanced developers need to be aware of the recently exposed Android serialization vulnerability. Understanding the relevant coding flaws can help programmers secure apps.

article

One Class to Rule Them All: New Android Serialization Vulnerability Gives Underprivileged Apps Super Status

IBM researchers recently revealed details about an Android serialization vulnerability, including recommendations for protecting mobile devices.

August 10, 2015 | By Or Peles

article

Numerous vulnerabilities in the Android operating system have come to light in recent weeks. To combat these threats, Google and several network carriers are changing how they provide Android updates, rolling out patches more quickly and frequently.

news

Why Stagefright and the Endless Reboot Bug May Have Prompted Google’s New Android Updates Program

Google is changing how it approaches Android updates in order to mitigate vulnerabilities that users of the operating system have been encountering.

August 7, 2015 | By Shane Schick

news

Tag: Android Vulnerability