The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Cyber Security and Hacking News Website: how to hack mobile

All OnePlus Devices Vulnerable to Remote Attacks Due to 4  Unpatched Flaws

All OnePlus Devices Vulnerable to Remote Attacks Due to 4 Unpatched Flaws

May 11, 2017Swati Khandelwal
There is a bad news for all OnePlus lovers. A security researcher has discovered four vulnerabilities that affect all OnePlus handsets, including One, X, 2, 3 and 3T, running the latest versions of OxygenOS 4.1.3 (worldwide) and below, as well as HydrogenOS 3.0 and below (for Chinese users). Damn, I am feeling bad, I myself use OnePlus. One of the unpatched vulnerabilities allows Man-in-the-Middle (MitM) attack against OnePlus device users, allowing a remote attacker to downgrade the device’s operating system to an older version, which could then expand the attack surface for exploitation of previously disclosed now-patched vulnerabilities. What's even worse? The other two vulnerabilities also allow an MitM attacker to replace any version of OxygenOS with HydrogenOS (or vice versa), as well as to replace the operating system with a completely different malicious ROM loaded with spying apps. The vulnerabilities have been discovered by Roee Hay of Aleph Research, HCL
Insecure Apps that Open Ports Leave Millions of Smartphones at Risk of Hacking

Insecure Apps that Open Ports Leave Millions of Smartphones at Risk of Hacking

April 29, 2017Mohit Kumar
A team of researchers from the University of Michigan discovered that hundreds of applications in Google Play Store have a security hole that could potentially allow hackers to steal data from and even implant malware on millions of Android smartphones. The University of Michigan team says that the actual issue lies within apps that create open ports — a known problem with computers — on smartphones. So, this issue has nothing to do with your device's operating system or the handset; instead, the origin of this so-called backdoor is due to insecure coding practices by various app developers. The team used its custom tool to scan over 100,000 Android applications and found 410 potentially vulnerable applications — many of which have been downloaded between 10 and 50 Million times and at least one app comes pre-installed on Android smartphones. Here I need you to stop and first let's understand exactly what ports do and what are the related threats. Ports can be eit
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.