#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
Get the Free Newsletter
android debugging | Breaking Cybersecurity News | The Hacker News
Thousands of Android Devices Running Insecure Remote ADB Service
Jun 12, 2018
Despite warnings about the threat of leaving insecure remote services enabled on Android devices, manufacturers continue to ship devices with open ADB debug port setups that leave Android-based devices exposed to hackers. Android Debug Bridge (ADB) is a command-line feature that generally uses for diagnostic and debugging purposes by helping app developers communicate with Android devices remotely to execute commands and, if necessary, completely control a device. Usually, developers connect to ADB service installed on Android devices using a USB cable, but it is also possible to use ADB wirelessly by enabling a daemon server at TCP port 5555 on the device. If left enabled, unauthorized remote attackers can scan the Internet to find a list of insecure Android devices running ADB debug interface over port 5555, remotely access them with highest "root" privileges, and then silently install malware without any authentication. Therefore, vendors are recommended to make
Another Shady App Found Pre-Installed on OnePlus Phones that Collects System Logs
Nov 16, 2017
The OnePlus Saga Continues… Just a day after the revelation of the hidden Android rooting backdoor pre-installed on most OnePlus smartphones, a security researcher just found another secret app that records tons of information about your phone. Dubbed OnePlusLogKit , the second pre-installed has been discovered by the same Twitter user who goes by the pseudonym " Elliot Alderson " and discovered the controversial " EngineerMode " diagnostic testing application that could be used to root OnePlus devices without unlocking the bootloader. OnePlusLogKit is a system-level application that is capable of capturing a multitude of things from OnePlus smartphones, including: Wi-Fi, NFC, Bluetooth, and GPS location logs, Modem signal and data logs, hot and power issue logs, list of the running processes, list of running service and battery status, media databases, including all your videos and images saved on the device. Unlike EngineerMode (which was found
Guide: How to Minimize Third-Party Risk With Vendor Management
Vendor Risk Management
Manage third-party risk while dealing with challenges like limited resources and repetitive manual processes.
AI Solutions Are the New Shadow IT
Nov 22, 2023
AI Security / SaaS Security
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT's meteoric rise to 100 million users within 60 days of launch , especially with little sales and marketing fanfare, employee-driven demand for AI tools will only escalate. As new studies show some workers boost productivity by 40% using generative AI , the pressure for CISOs and their teams to fast-track AI adoption — and turn a blind eye to unsanctioned AI tool usage — is intensifying. But succumbing to these pressures can introduce serious SaaS data leakage and breach risks, particularly as employees flock to AI tools developed by small businesses, solopreneurs, and indie developers. AI Security Guide Download AppOmni's CISO Guide to AI Security - Part 1 AI evoke
Befriend Your Mom with Technology
Explain cybersecurity with Moonlock
Discover Our Unparalleled Threat Detection Capabilities
Try Fidelis Elevate for 30 days and discover threats your current provider missed.
Webinar: A New Approach to Mitigating Insider Risks
Learn how you can easily mitigate the modern security risks introduced by your employees.
Advance in the Field of Cybersecurity with Georgetown
Learn cybersecurity strategies from the experts. Attend a sample class on Nov. 30.
Join 120,000+ Professionals
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.