#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Samsung | Breaking Cybersecurity News | The Hacker News

CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

Jul 03, 2023 Mobile Security / Network Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  placed  a set of eight flaws to the Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices. All the flaws have been patched as of 2021. CVE-2021-25394  (CVSS score: 6.4) - Samsung mobile devices race condition vulnerability CVE-2021-25395  (CVSS score: 6.4) - Samsung mobile devices race condition vulnerability CVE-2021-25371  (CVSS score: 6.7) - An unspecified vulnerability in the DSP driver used in Samsung mobile devices that allows loading of arbitrary ELF libraries CVE-2021-25372  (CVSS score: 6.7) - Samsung mobile devices improper boundary check within the DSP driver in Samsung mobile devices CVE-2021-25487  (CVSS score: 7.8) - Samsung mobile devices out-of-bounds read vulnerability leading to arbitrary code execution CVE-2021-25489  (CVSS score: 5.5) - Samsung
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

Mar 17, 2023 Mobile Security / Firmware
Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be exploited remotely to completely compromise a phone without requiring any user interaction. The 18 zero-day vulnerabilities affect a wide range of Android smartphones from Samsung, Vivo, Google, wearables using the Exynos W920 chipset, and vehicles equipped with the Exynos Auto T5123 chipset. Four of the 18 flaws make it possible for a threat actor to achieve internet-to-Samsung, Vivo, and Google, as well as wearables using the Exynos W920 chipset and vehicleses in late 2022 and early 2023, said. "[The] four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number," Tim Willis, head of Google Project Zero,  said . In doing so, a threat actor could gain entrenched access to cellular information passing in and out of the targeted devi
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management

CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management

Mar 12, 2024CTEM / Vulnerability Management
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you'd want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a  Continuous Threat Exposure Management (CTEM)  program.  CTEM is an approach to cyber risk management that combines attack simulation, risk prioritization, and remediation guidance in one coordinated process. The term Continuous Threat Exposure Management first appeared in the Gartner ® report, Implement a Continuous Threat Exposure Management Program (CTEM) (Gartner, 21 July 2022,). Since then, we have seen that organizations across the globe are seeing the benefits of this integrated, continual approach. Webinar: Why and How to Adopt the CTEM Framework XM Cyber is hosting a webinar featuring Gartner VP Analyst Pete Shoa
Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks

Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks

Feb 20, 2023 Mobile Security / Zero Day
Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware via what's referred to as zero-click attacks . The South Korean chaebol said the solution "preemptively" secures users' devices by "limiting exposure to invisible threats disguised as image attachments." The security feature, available on Samsung Messages and Google Messages, is currently limited to the Samsung Galaxy S23 series, with plans to expand it to other Galaxy smartphones and tablets later this year that are running on One UI 5.1 or higher. It's also the latest security guardrail erected by Samsung, which also includes the Knox security platform that the company said already offers protection from attacks using video and audio formats. Zero-click attacks are highly-targeted and sophisticated attacks that exploit previously unknown flaws (i.e., zero-days) in software to trigger execution of malicious code without re
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud

Jan 23, 2023 Mobile Hacking / App Security
Two security flaws have been disclosed in Samsung's Galaxy Store app for Android that could be exploited by a local attacker to stealthily install arbitrary apps or direct prospective victims to fraudulent landing pages on the web. The issues, tracked as  CVE-2023-21433 and CVE-2023-21434 , were  discovered  by NCC Group and notified to the South Korean chaebol in November and December 2022. Samsung  classified  the bugs as moderate risk and released fixes in version 4.5.49.8 shipped earlier this month. Samsung Galaxy Store, previously known as Samsung Apps and Galaxy Apps, is a dedicated app store used for Android devices manufactured by Samsung. It was launched in September 2009. The first of the two vulnerabilities is CVE-2023-21433, which could enable an already installed rogue Android app on a Samsung device to install any application available on the Galaxy Store. Samsung described it as a case of improper access control that it said has been patched with proper permiss
Hackers Sign Android Malware Apps with Compromised Platform Certificates

Hackers Sign Android Malware Apps with Compromised Platform Certificates

Dec 02, 2022 Mobile Security / Attack Vector
Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused to sign malicious apps. The findings were first  discovered and reported  by Google reverse engineer Łukasz Siewierski on Thursday. "A platform certificate is the application signing certificate used to sign the 'android' application on the system image," a report filed through the Android Partner Vulnerability Initiative ( AVPI )  reads . "The 'android' application runs with a highly privileged user id – android.uid.system – and holds system permissions, including permissions to access user data." This effectively means that a rogue application signed with the same certificate can gain the highest level of privileges as the Android operating system, permitting it to harvest all kinds of sensitive information from a compromised device. The list of malicious Android app packages that have abused the certificates is below - com.
Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices

Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices

Oct 31, 2022
A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting (XSS) bug that occurs when handling certain  deep links . An independent security researcher has been credited with reporting the issue. "Here, by not checking the deep link securely, when a user accesses a link from a website containing the deeplink, the attacker can execute JS code in the webview context of the Galaxy Store application," SSD Secure Disclosure  said  in an advisory posted last week. XSS attacks  allow an adversary to inject and execute malicious JavaScript code when visiting a website from a browser or another application. The issue identified in the Galaxy Store app has to do with how deep links are configured for Samsung's Marketing & Content Service ( MCS ), potentially leading to
Samsung Admits Data Breach that Exposed Details of Some U.S. Customers

Samsung Admits Data Breach that Exposed Details of Some U.S. Customers

Sep 03, 2022
South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company  disclosed  in a notice. "On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected." Samsung said the infiltration enabled hackers to access certain data such as names, contact and demographic information, dates of birth, and product registration details. It stressed that the incident did not affect users' Social Security numbers or credit and debit card numbers, but noted the information leaked for each relevant customer may vary. The collected information is necessary to help the company deliver the best experience with its products and services,
Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code

Mar 08, 2022
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant  told  Bloomberg. The South Korean chaebol also confirmed that it doesn't anticipate any impact to its business or its customers as a result of the incident and that it has implemented new security measures to prevent such breaches in the future. The confirmation comes after the LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel towards the end of last week, allegedly exposing the source code for trusted applets installed within  TrustZone , algorithms for biometric authentication, bootloaders for recent devices, and even confidential data from its chip supplier Qualcom
100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

100 Million Samsung Galaxy Phones Affected with Flawed Hardware Encryption Feature

Feb 28, 2022
A group of academics from Tel Aviv University have disclosed details of now-patched "severe" design flaws affecting about 100 million Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool  said . Trusted Execution Environments ( TEEs ) are a secure zone that provide an isolated environment for the execution of Trusted Applications (TAs) to carry out security critical tasks to ensure confidentiality and integrity. On Android, the hardware-backed  Keystore  is a system that facilitates the creation and storage of cryptographic keys within the TEE, making them more difficult to be extracted from the device in a manner that prevents the underlying operating system fr
Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Jun 11, 2021
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices.  "The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device administrator rights, or read and write arbitrary files on behalf of a system user which could change the device's settings," Sergey Toshin, founder of mobile security startup Oversecured,  said  in an analysis published Thursday. Toshin reported the flaws to Samsung in February 2021, following which  patches were issued  by the manufacturer as part of its monthly security updates for April and May. The list of the seven vulnerabilities is as follows - CVE-2021-25356  - Third-party authentication bypass in Managed Provisioning CVE-2021-25388  - Arbitrary app installation
Flaws in Samsung Phones Exposed Android Users to Remote Attacks

Flaws in Samsung Phones Exposed Android Users to Remote Attacks

Aug 12, 2020
New research disclosed a string of severe security vulnerabilities in the ' Find My Mobile '—an Android app that comes pre-installed on most Samsung smartphones—that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data stored on the phone. Portugal-based cybersecurity services provider Char49 revealed its findings on Samsung's Find My Mobile Android app at the DEF CON conference last week and shared details with the Hacker News. "This flaw, after setup, can be easily exploited and with severe implications for the user and with a potentially catastrophic impact: permanent denial of service via phone lock, complete data loss with factory reset (SD card included), serious privacy implication via IMEI and location tracking as well as call and SMS log access," Char49's Pedro Umbelino said in technical analysis. The flaws, which work on unpatched Samsung Galaxy S7, S8, and S9+
Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser

Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser

Dec 29, 2017
A critical vulnerability has been discovered in the browser app comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site. Identified as CVE-2017-17692 , the vulnerability is Same Origin Policy (SOP) bypass issue that resides in the popular Samsung Internet Browser version 5.4.02.3 and earlier. The Same Origin Policy or SOP is a security feature applied in modern browsers that is designed to make it possible for web pages from the same website to interact while preventing unrelated sites from interfering with each other. In other words, the SOP makes sure that the JavaScript code from one origin should not be able to access the properties of a website on another origin. The SOP bypass vulnerability in the Samsung Internet Browser, discovered by Dhiraj Mishra , could allow a malicious website to steal data, such as passwords or cookies, from the sites ope
Researcher Claims Samsung's Tizen OS is Poorly Programmed; Contains 27,000 Bugs!

Researcher Claims Samsung's Tizen OS is Poorly Programmed; Contains 27,000 Bugs!

Jul 13, 2017
A researcher has claimed that Samsung's Tizen operating system that runs on millions of Samsung products is so poorly programmed that it could contain nearly 27,000 programming errors, which could also lead to thousands of vulnerabilities. Tizen is a Linux-based open-source operating system backed by Intel and Samsung Electronics, which has been in development since early 2012 and designed for smartphones, tablets, smart TVs, smart watches, cameras and PCs. According to Andrey Karpov — founder of Russia-based company Program Verification Systems that made PVS-Studio, a static code analyzer tool that helps programmers to find and fix bugs in their source codes — his team has discovered hundreds of errors in Tizen project using PVS-Studio. Samsung's Tizen operating system, written in C/C++ programming language, currently has 72.5 million lines of source code, out of which Karpov's team has analysed some randomly chosen modules i.e. 3.3% of the entire Project and fou
It's Insanely Easy to Bypass Samsung Galaxy S8 Iris Scanner with a Photo

It's Insanely Easy to Bypass Samsung Galaxy S8 Iris Scanner with a Photo

May 24, 2017
Samsung recently launched its new flagship smartphones, the Galaxy S8 and Galaxy S8 Plus, with both Facial and IRIS Recognition features, making it easier for users to unlock their smartphone and signing into websites. We already knew that the Galaxy S8's facial unlock feature could be easily fooled with just a simple photograph of the device owner, but now hackers have also discovered a simple way to bypass the iris-based authentication, which Samsung wants you to think is unbeatable. All it took for German hacking group Chaos Computer Club (CCC) to break the Galaxy S8's iris-recognition system was nothing but a camera, a printer, and a contact lens. The white hat hacking group also published a video showing how to defeat Samsung's iris scanner. Video Demonstration — Bypassing Iris Scanner The process was very simple. The CCC group simply used the night mode setting on a Sony digital camera to capture a medium range photo of their subject. Since the iris
Samsung Galaxy S8's Facial Unlocking Feature Can Be Fooled With A Photo

Samsung Galaxy S8's Facial Unlocking Feature Can Be Fooled With A Photo

Mar 31, 2017
Samsung launched its new flagship smartphones, the Galaxy S8 and Galaxy S8 Plus, at its Unpacked 2017 event on Wednesday in New York, with both IRIS and Facial Recognition features, making it easier for users to unlock their smartphone and signing into websites. All users need to do is simply hold their Galaxy S8 or S8 Plus in front of their eyes or their entire face, as if they were taking a selfie, in order to unlock their phone. Biometric technology – that involve person's unique identification (ID), such as Retinal, IRIS, Fingerprint or DNA – is now being integrated into more consumer devices for improved security. But, we have seen a number of hacks involving Biometric security systems in the past, which prove that fingerprint scanner and IRIS scanner  are less secure than a passcode and can be fooled by anyone, perhaps, using a photograph of the user. But how secure is the built-in sensor from Samsung to allow for facial recognition? Not so much...at least for now
Smile! Hackers Can Remotely Access Your Samsung SmartCam Security Cameras

Smile! Hackers Can Remotely Access Your Samsung SmartCam Security Cameras

Jan 18, 2017
It's not necessary to break into your computer or smartphone to spy on you. Today all devices in our home are becoming more connected to networks than ever to make our lives easy. But what's worrisome is that these connected devices can be turned against us, anytime, due to lack of stringent security measures and insecure encryption mechanisms implemented in these Internet of Things (IoTs) devices. The most recent victim of this issue is the Samsung's range of SmartCam home security cameras. Yes, it's hell easy to hijack the popular Samsung SmartCam security cameras, as they contain a critical remote code execution (RCE) vulnerability that could let hackers gain root access and take full control of these devices. SmartCam is one of the Samsung's SmartThings range of devices, which allows its users to connect, manage, monitor and control "smart" devices in their home using their smartphones or tablets. Back in 2014, the hacking group Exploiteer
Samsung Get Sued for Failing to Update its Smartphones

Samsung Get Sued for Failing to Update its Smartphones

Jan 22, 2016
One of the world's largest smartphone makers is being sued by the Dutch Consumers' Association (DCA) for its lack in providing timely software updates to its Android smartphones. This doesn't surprise me, though. The majority of manufacturers fail to deliver software updates for old devices for years. However, the consumer protection watchdog in The Netherlands, The Dutch Consumentenbond, filed a lawsuit against Samsung, due to the manufacturer's grip over the local market compared to other manufacturers. Last year, the discovery of the scary Stagefright Security Bug , which affected over 1 Billion Android devices worldwide, forced Samsung to implement a security update process that " fast tracks the security patches over the air when security vulnerabilities are uncovered a security update process that " fast tracks the security patches over the air when security vulnerabilities are uncovered, " and that the security updates will
Samsung Launches 6GB RAM Chips for Next Generation Smartphones

Samsung Launches 6GB RAM Chips for Next Generation Smartphones

Sep 09, 2015
With Launch of Galaxy S6 and Galaxy S6 Edge , Samsung was the first one to bring 4GB RAM access in the Android mobile phones; with Samsung Note 5 and the current OnePlus 2 carrying the same RAM capacity. Now, today Samsung has again taken the technology a step further with the launch of 12GB LPDDR4 ( low power, double data rate 4 ) DRAM Chip that will offer 6GB RAM for the upcoming Next Generation Smartphones and tablets. The latest DRAM chip version 12 comes with such technology that accelerates: Advanced 20-nanometer (nm) Process Technology 30% fast speed than the previous 8GB LPDDR4 20% Less energy consumption Increased Manufacturing productivity to 50% The next generation mobile phones are supposed to be equipped with the new mobile DRAM chip enabling increased capacity and fastest speed with simultaneously providing essentials (for building a smarter mobile device) such as: Excellent energy efficiency Reliability Ease of design Smooth multitasking Better pe
Samsung Galaxy S6 and Galaxy S6 Edge — 8 Things You Should Know

Samsung Galaxy S6 and Galaxy S6 Edge — 8 Things You Should Know

Mar 02, 2015
A whole lot of things gone in the official kickoff of Mobile World Congress 2015 , but a unique phone with a curved screen on both sides of the device acquired everybody's attention. That's what unveiled by Samsung late Sunday. Samsung has officially unveiled its next-generation flagship Smartphones — Samsung Galaxy S6 and Samsung Galaxy S6 Edge . This time, the company didn't just focus on the specs and features, but also on design — unique and sleek. 1. EYE-CATCHING PREMIUM DESIGN Both Samsung Galaxy S6 and Samsung Galaxy S6 Edge comes with a sleek glass-and-metal body on the front and back. On one hand, the Samsung Galaxy S6 Edge has a screen that curves around both sides with a comfortable grip, giving the phone a much smarter look. While, the Samsung Galaxy S6 has the most beautiful appearence to ever exist in the entire Samsung's S series. The new Galaxy smartphones are made of 'stronger metal' and comes with the toughest glass, Corning Gorilla
Samsung Admits Its Smart TV Is Spying On You

Samsung Admits Its Smart TV Is Spying On You

Feb 09, 2015
Is Your Smart TV Spying On You?  You just need to make sure you don't hold any private conversations in front of the internet-connected TV. IS SMART TV GETTING TOO SMART? Smart TVs are connected to the Internet, and they are capable of collecting and transmitting our data. Samsung's Smart TV uses voice recognition technology to enable voice commands, but its privacy policy defined by the company says " if your spoken words include personal or other sensitive information, that information will be captured and transmitted to a third party. " In other words, Samsung's Voice Recognition feature is always listening you, unless you deactivate it. So these internet-enabled smart devices can be exploited to reveal a wealth of personal. " In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. " Samsung S
Cybersecurity Resources