#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Samsung Galaxy S4 | Breaking Cybersecurity News | The Hacker News

Chinese Android Smartphone comes with Pre-installed Spyware

Chinese Android Smartphone comes with Pre-installed Spyware

Jun 17, 2014
If US has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology due to suspected backdoors, then they are not wrong at all. A popular Chinese Android Smartphone comes pre-installed with a Trojan that could allow manufacturer to spy onto their users' comprising their personal data and conversations without any restrictions and users knowledge. GOOGLE PLAY STORE OR A SPYING APP? According to the researchers at the German security firm G Data , the Star N9500 smartphone, a popular and cheap handset device in China, comes pre-installed with Uupay.D Trojan horse, disguising as a version of the Google Play Store. The trojan camouflage as the Google Play Store , so it enables Chinese Company to secretly install malicious apps, which creates the whole spectrum of abuse. STEALING WITHOUT RESTRICTIONS The nasty Spyware runs in the background and has capability to steal
Samsung KNOX - An Encrypted Virtual Operating system for Android Devices

Samsung KNOX - An Encrypted Virtual Operating system for Android Devices

Jan 12, 2014
Last year Samsung launched a security feature called ' KNOX ' for high-end enterprise mobile devices. It's a nice security addition and free with new Samsung handsets such as the Galaxy Note 3 and Samsung Galaxy S4. Samsung Knox is an application that creates a virtual partition (container) within the normal Android operating system that allows a user to run two different Android systems on a same device, so that you can securely separate your personal and professional activities. KNOX based virtual operating system of your phone requires a password to be accessed and helps you to securely store data that they're especially concerned about, such as personal pictures and video, in protected containers that would be resistant to hacking attempts on stolen devices. You can switch between Knox mode and personal mode using shortcuts in the app tray and notification tray. All the data and applications stored in the KNOX container system are completely isolated from the rest
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Hacker 'Pinkie Pie' successfully compromised Chrome on Nexus 4 and Samsung Galaxy S4

Hacker 'Pinkie Pie' successfully compromised Chrome on Nexus 4 and Samsung Galaxy S4

Nov 14, 2013
A Mysterious Hacker who goes by the " Pinkie Pie " handle is rewarded with $50,000 USD for hacking into the Google Chrome browser for Nexus 4 and Samsung Galaxy S4 . At Information Security Conference PacSec 2013 in Tokyo, during the HP's Pwn2Own contest, a zero-day exploit  showcased by " Pinkie Pie ", that took advantage of two vulnerabilities: An integer overflow that affects Chrome. Chrome vulnerability that resulted in a full sandbox escape. For successful exploitation, you have to get your victim to visit a malicious website e.g. clicking a link in an email, or an SMS or on another web page. He demonstrated this zero-day attack with remote code execution vulnerability on the affected devices. It is not known whether other Android phones are also vulnerable to same flaw or not. Vulnerability has been disclosed to Google by the Contest organizers and the company is working to address the issue as soon as possible. Researchers from
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Samsung Galaxy S4 and iPhone 5 zero-day exploits revealed at Pwn2Own 2013 Contest

Samsung Galaxy S4 and iPhone 5 zero-day exploits revealed at Pwn2Own 2013 Contest

Nov 14, 2013
At Information Security Conference PacSec 2013 in Tokyo, Apple's Safari browser for the iPhone 5 and the Samsung Galaxy S4 have been exploited by two teams of Japanese and Chinese white hat hackers. In HP's Pwn2Own 2013 contest , Japanese squad Team MBSD, of Mitsui Bussan Secure Directions won won $40,000 reward for zero day exploit for hacking Samsung Galaxy S4. The vulnerabilities allow the attacker to wholly compromise the device in several ways, such as using a drive-by download to install malware on the phone. In order for the exploit to be successful, the group lured a user to a malicious website, gained system-level privileges and installed applications that allowed the team to gather information, including SMS messages, contacts and browsing history. They  Another Hackers Team from Keen Cloud Tech in China showed how to exploit a vulnerability in iOS version 7.0.3 to steal Facebook login credentials and a photo from a device running iOS 6.1.4. They wo
Serious Smishing vulnerability reported in Samsung Galaxy S4

Serious Smishing vulnerability reported in Samsung Galaxy S4

Jun 25, 2013
Serious security vulnerability was recently discovered on the Samsung flagship Galaxy S4 device, claiming that attackers can use it to silently send text messages. Qihoo 360 Technology, an antivirus company based in China, said that this particular vulnerability is related to the " cloud backup " feature of Galaxy S4, which is not properly protected and can be abused. This vulnerability was first discovered on June 17 and already reported the issue to Samsung and the company is already in the process of developing an official update to fix the vulnerability. A rogue mobile application could contain code exploiting the vulnerability to send fraudulent scam text messages ordering premium-rate services, the firm said. By exploiting the vulnerable cloud backup feature, malware could pretend to be the identity of any contact, friend, relative, or organization when faking phishing SMS messages. When these phishing SMS messages are received, users may be tricked i
Cybersecurity Resources