Samsung hacked | Breaking Cybersecurity News | The Hacker News

With the growing number of cyber attacks and data breaches, a number of tech companies and organisations have started Bug Bounty programs for encouraging hackers, bug hunters and researchers to find and responsibly report bugs in their services and get rewarded. Samsung is the latest in the list of tech companies to launch a bug bounty program, announcing that the South Korean electronics giant will offer rewards of up to $200,000 to anyone who discovers vulnerabilities in its mobile devices and associated software. Dubbed Mobile Security Rewards Program , the newly-launched bug bounty program will cover 38 Samsung mobile devices released from 2016 onwards which currently receive monthly or quarterly security updates from the company. So, if you want to take part in the Samsung Mobile Security Rewards Program, you have these devices as your target—the Galaxy S, Galaxy Note, Galaxy A, Galaxy J, and the Galaxy Tab series, as well as Samsung's flagship devices, the S8, S8+, a

A user over at the XDA Developers Forum has gone searching through Samsung Exynos kernels and has found one whopper of an exploit. There's both good and bad news with this exploit so head down below for more details on this new found glory. This exploits affects a number of Samsung-made devices, along with potentially any device using an Exynos 4412 or 4210 processor and Samsung kernels. The vulnerability was described on Saturday by the user " alephzain " on XDA Developers, a forum for mobile developers. This Vulnerability could give remotely downloaded apps the ability to read user data, brick phones, or perform other malicious activities. This functionality can be exploited by some malicious apps to gain root access to the device, wipe/steal sensitive data, install malicious codes, and could also be used to potentially brick the phone. According to xda-developers user supercurio, Samsung has been made aware of the security hole, but the company has not p

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.