#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
Get the Free Newsletter
Stagefright vulnerability | Breaking Cybersecurity News | The Hacker News
Beware! Your iPhone Can Be Hacked Remotely With Just A Message
Jul 20, 2016
In Brief Do you own an iPhone? Mac? Or any Apple device? Just one specially-crafted message can expose your personal information, including your authentication credentials stored in your device's memory, to a hacker. The vulnerability is quite similar to the Stagefright vulnerabilities , discovered a year ago in Android, that allowed hackers to silently spy on almost a Billion phones with just one specially-crafted text message. Cisco Talos senior researcher Tyler Bohan, who discovered this critical Stagefright-type bug in iOS, described the flaw as "an extremely critical bug, comparable to the Android Stagefright as far as exposure goes." The critical bug (CVE-2016-4631) actually resides in ImageIO – API used to handle image data – and works across all widely-used Apple operating systems, including Mac OS X, tvOS, and watchOS. All an attacker needs to do is create an exploit for the bug and send it via a multimedia message (MMS) or iMessage inside a Tagg
New Exploit to 'Hack Android Phones Remotely' threatens Millions of Devices
Mar 17, 2016
Attention Android users! Millions of Android devices are vulnerable to hackers and intelligence agencies once again – Thanks to a newly disclosed Android Stagefright Exploit . Yes, Android Stagefright vulnerability is Back… …and this time, the Stagefright exploit allows an attacker to hack Android smartphones in 10 seconds just by tricking users into visiting a hacker's web page that contains a malicious multimedia file. A group of security researchers from Israel-based research firm NorthBit claimed it had successfully exploited the Stagefright bug that was emerged in Android last year and described as the "worst ever discovered" . The new Stagefright exploit, dubbed Metaphor , is detailed in a research paper [ PDF ] that guides bad guy, good guy as well as government spying agencies to build the Stagefright exploit for themselves. Just yesterday, we reported about critical vulnerabilities in Qualcomm Snapdragon chip that could be exploited
Guide: How to Minimize Third-Party Risk With Vendor Management
Vendor Risk Management
Manage third-party risk while dealing with challenges like limited resources and repetitive manual processes.
AI Solutions Are the New Shadow IT
Nov 22, 2023
AI Security / SaaS Security
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT's meteoric rise to 100 million users within 60 days of launch , especially with little sales and marketing fanfare, employee-driven demand for AI tools will only escalate. As new studies show some workers boost productivity by 40% using generative AI , the pressure for CISOs and their teams to fast-track AI adoption — and turn a blind eye to unsanctioned AI tool usage — is intensifying. But succumbing to these pressures can introduce serious SaaS data leakage and breach risks, particularly as employees flock to AI tools developed by small businesses, solopreneurs, and indie developers. AI Security Guide Download AppOmni's CISO Guide to AI Security - Part 1 AI evoke
Samsung Get Sued for Failing to Update its Smartphones
Jan 22, 2016
One of the world's largest smartphone makers is being sued by the Dutch Consumers' Association (DCA) for its lack in providing timely software updates to its Android smartphones. This doesn't surprise me, though. The majority of manufacturers fail to deliver software updates for old devices for years. However, the consumer protection watchdog in The Netherlands, The Dutch Consumentenbond, filed a lawsuit against Samsung, due to the manufacturer's grip over the local market compared to other manufacturers. Last year, the discovery of the scary Stagefright Security Bug , which affected over 1 Billion Android devices worldwide, forced Samsung to implement a security update process that " fast tracks the security patches over the air when security vulnerabilities are uncovered a security update process that " fast tracks the security patches over the air when security vulnerabilities are uncovered, " and that the security updates will
Google releases Security Patch for Android Stagefright 2.0 Vulnerability
Oct 06, 2015
Google reportedly fixed the latest round of Stagefright vulnerabilities in Android, pushing its latest over-the-air (OTA) update to Nexus devices. Last week, researchers warned of Stagefright 2.0 vulnerability that affected more than one Billion Android devices dating back to the latest versions of the Android operating system. The Stagefright bugs allowed hackers to take control of affected Android devices by sending a malicious audio or video file. In April, Zimperium researchers disclosed the first Stagefright vulnerability that allowed hackers to hijack any Android smartphones with just a simple text message ( exploit code ). As promised, Google on Monday pushed a patch that fixes the holes in Stagefright media playback engine used by Android to process, record and play multimedia files such as PDFs. The patch fixes 30 vulnerabilities in total, which includes: 14 critical vulnerabilities in Stagefright library 5 Remote Code Execution bugs 8 Eleva
Stagefright Bug 2.0 — One Billion Android SmartPhones Vulnerable to Hacking
Oct 01, 2015
Attention Android users! More than 1 Billion Android devices are vulnerable to hackers once again – Thanks to newly disclosed two new Android Stagefright vulnerabilities . Yes, Android Stagefright bug is Back… …and this time, the flaw allows an attacker to hack Android smartphones just by tricking users into visiting a website that contains a malicious multimedia file, either MP3 or MP4. In July, Joshua Drake, a Security researcher at Zimperium revealed the first Stagefright bug that allowed hackers to hijack Android smartphones with just a simple text message ( exploit code ). How Stagefright Bug 2.0 Works Both newly discovered vulnerabilities ( CVE-2015-6602 and CVE-2015-3876 ) also reside in the Android Media Playback Engine called ' Stagefright ' and affects all Android OS version from 1 to latest release 5.1.1. Reportedly, merely previewing a maliciously crafted song or video file would execute the Stagefright Bug 2.0 exploit , allowing h
Befriend Your Mom with Technology
Explain cybersecurity with Moonlock
Discover Our Unparalleled Threat Detection Capabilities
Try Fidelis Elevate for 30 days and discover threats your current provider missed.
Webinar: A New Approach to Mitigating Insider Risks
Learn how you can easily mitigate the modern security risks introduced by your employees.
Advance in the Field of Cybersecurity with Georgetown
Learn cybersecurity strategies from the experts. Attend a sample class on Nov. 30.
Join 120,000+ Professionals
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.