Silent Circle Blackphone | Breaking Cybersecurity News | The Hacker News

The makers of ultra secure BlackPhone titled by Silent Circle as, " world's first Smartphone which places privacy and control directly in the hands of its users ," have recently fixed a critical vulnerability in the instant messaging application that allows hackers to run malicious code on the handsets. BlackPhone was also hacked last year at the BlackHat security conference , but the interesting factor about the recent hack was that the attackers only needed to send just a message on a targeted phone number in order to compromise the device. The vulnerability was first discovered and disclosed by Mark Dowd , a principal security researcher at the Australia-based consultancy firm Azimuth Security. Dowd discovered the issue late in 2014, but waited to disclose it until Blackphone got their patches and fixes in place. The flaw actually resides in Silent Text application — the secure text messaging application bundled with the BlackPhone handsets, which is al...

The ultra secure NSA-Proof Blackphone titled as, " world's first Smartphone which places privacy and control directly in the hands of its users, " has been rooted within 5 minutes at the BlackHat security conference in Las Vegas this weekend. Blackphone , a joint venture between encrypted communications firm Silent Circle and Spanish Smartphone maker Geeksphone , has a fully customized version of Android known as PrivatOS and pre-installed with lots of privacy-enabled applications, which claims to offer its users a high-end security at consumer level. A security researcher with twitter handle @TeamAndIRC took only 5 minutes to achieve root access on the Blackphone without having the need to unlock the device' bootloader. The hacker even mocked Blackphone's team by saying that "It is apparent no one ran CTS [ compatibility test suite ] on this device." The so-called " secure " Android phone that was promising security given the fact that its basically a suite of secure...

Earlier this year encrypted communications firm Silent Circle and Spanish Smartphone maker Geeksphone  announced a  privacy-focused  encrypted  S martphone  called ' Blackphone ' and today the company has revealed it as ' Mobile World Congress ' in Barcelona. The Blackphone titled as, " world's first Smartphone which places privacy and control directly in the hands of its users, " has a fully customized version  customized version of Android called PrivatOS   and pre-installed with lots of  privacy-enabled applications, is now available for pre-order for about $629 . Silent Circle was co-founded by a respected Cryptographer  Phil Zimmermann,  best known as the creator of  Pretty Good Privacy (PGP) , which is a widely used email encryption software. The Blackphone handsets main focus is keeping all of your data secure, and to stop government agencies snooping on your communications. Blackphone will come with a set ...

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk.  A gap in access control in Microsoft Entra's subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them.  All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership rights. This stealthy privilege escalation tactic allows a guest user to gain a privileged foothold in an environment where they should only have limited access. Many organizations treat guest accounts as low-risk based on their temporary, limited access, but this behavior, which works as designed, opens the door to known attack paths and lateral movement within the resource t...