#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

OxygenOS | Breaking Cybersecurity News | The Hacker News

Category — OxygenOS
Another Shady App Found Pre-Installed on OnePlus Phones that Collects System Logs

Another Shady App Found Pre-Installed on OnePlus Phones that Collects System Logs

Nov 16, 2017
The OnePlus Saga Continues… Just a day after the revelation of the hidden Android rooting backdoor pre-installed on most OnePlus smartphones, a security researcher just found another secret app that records tons of information about your phone. Dubbed OnePlusLogKit , the second pre-installed has been discovered by the same Twitter user who goes by the pseudonym " Elliot Alderson " and discovered the controversial " EngineerMode " diagnostic testing application that could be used to root OnePlus devices without unlocking the bootloader. OnePlusLogKit is a system-level application that is capable of capturing a multitude of things from OnePlus smartphones, including: Wi-Fi, NFC, Bluetooth, and GPS location logs, Modem signal and data logs, hot and power issue logs, list of the running processes, list of running service and battery status, media databases, including all your videos and images saved on the device. Unlike EngineerMode (which was found ...
OnePlus Secretly Collects Way More Data Than It Should — Here’s How to Disable It

OnePlus Secretly Collects Way More Data Than It Should — Here's How to Disable It

Oct 10, 2017
There is terrible news for all OnePlus lovers. Your OnePlus handset, running OxygenOS—the company's custom version of the Android operating system, is collecting way more data on its users than it requires. A recent blog post published today by security researcher Christopher Moore on his website detailed the data collection practice by the Shenzhen-based Chinese smartphone maker, revealing that OxygenOS built-in analytics is regularly sending users' telemetry data to OnePlus' servers. Collecting basic telemetry device data is a usual practice that every software maker and device manufacturers do to identify, analyse and fix software issues and help improve the quality of their products, but OnePlus found collecting user identification information as well. Moore simply started intercepting the network traffic to analyse what data his OnePlus device sends to its servers, and found that the data collected by the company included: User' phone number MAC addresse...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Future-Ready Trust: Learn How to Manage Certificates Like Never Before

WebinarTrust Management / SSL Certificate
Managing digital trust shouldn't feel impossible. Join us to discover how DigiCert ONE transforms certificate management—streamlining trust operations, ensuring compliance, and future-proofing your digital strategy.
All OnePlus Devices Vulnerable to Remote Attacks Due to 4  Unpatched Flaws

All OnePlus Devices Vulnerable to Remote Attacks Due to 4 Unpatched Flaws

May 11, 2017
There is a bad news for all OnePlus lovers. A security researcher has discovered four vulnerabilities that affect all OnePlus handsets, including One, X, 2, 3 and 3T, running the latest versions of OxygenOS 4.1.3 (worldwide) and below, as well as HydrogenOS 3.0 and below (for Chinese users). Damn, I am feeling bad, I myself use OnePlus. One of the unpatched vulnerabilities allows Man-in-the-Middle (MitM) attack against OnePlus device users, allowing a remote attacker to downgrade the device's operating system to an older version, which could then expand the attack surface for exploitation of previously disclosed now-patched vulnerabilities. What's even worse? The other two vulnerabilities also allow an MitM attacker to replace any version of OxygenOS with HydrogenOS (or vice versa), as well as to replace the operating system with a completely different malicious ROM loaded with spying apps. The vulnerabilities have been discovered by Roee Hay of Aleph Research, HCL ...
cyber security

Secure Your Azure: Proactive Tips for Cloud Protection

websiteWizCloud Security
Discover how to boost your Azure cloud security with practical steps to help you maintain control and visibility.
Expert Insights / Articles Videos
Cybersecurity Resources