smartphone hacking | Breaking Cybersecurity News | The Hacker News

Firefox OS is a mobile operating system based on Linux and Mozilla 's Gecko technology, whose environment is dedicated to apps created with just HTML, CSS, and JavaScript. After almost two years of development, a few months back Mozilla officially launched their Firefox OS devices in stores and now the first Malware for the brand new platform is available. Shantanu Gawde , 17-years-old, an Independent Security Researcher is going to demonstrate the very first known malware for Firefox OS at the upcoming Information Security Summit - The Ground Zero (G0S) 2013, to be held on November 7th - 10th, 2013 at The Ashok, New Delhi. Firefox OS is different - Every app in Firefox OS including the Camera and the Dialer is a web app, i.e. a website in the form of an app. Simple! Mozilla has developed Web APIs so that HTML5 apps can communicate with the device's hardware and Shantanu has used the same APIs intentionally to exploit the device for malicious purpose. Basically,

Researchers at the University of Alabama at Birmingham (UAB) presented the research that it is possible to trigger malware hidden in mobile devices using music, lighting, or vibration. In a research paper titled " Sensing-Enabled Channels for Hard-to-Detect Command and Control of Mobile Devices ", the researchers reported that they triggered malware hidden in mobile devices using music from 17 meters away in a crowded hallway. Malware once activated would carry out programmed attacks either by itself or as part of a wider botnet of mobile devices. Presenting their findings at a conference earlier this month, the researchers explained how sensors in ubiquitous mobile devices have opened the door to a new generation of mobile malware that unsuspecting users unwittingly downloaded onto their devices. Since the trigger needs to be relatively close to the smartphone to active any hidden malware, any threats would be limited to the local environment. " We showed that these sensory channe

Over the past two years, a shocking  51% of organizations surveyed in a leading industry report have been compromised by a cyberattack.  Yes, over half.  And this, in a world where enterprises deploy  an average of 53 different security solutions  to safeguard their digital domain.  Alarming? Absolutely. A recent survey of CISOs and CIOs, commissioned by Pentera and conducted by Global Surveyz Research, offers a quantifiable glimpse into this evolving battlefield, revealing a stark contrast between the growing risks and the tightening budget constraints under which cybersecurity professionals operate. With this report, Pentera has once again taken a magnifying glass to the state of pentesting to release its annual report about today's pentesting practices. Engaging with 450 security executives from North America, LATAM, APAC, and EMEA—all in VP or C-level positions at organizations with over 1,000 employees—the report paints a current picture of modern security validation prac

More than 50 millions of Smartphone users worldwide are facing a risk posed by a critical flaw in Viber app. The security company Bkav announced that it has found a way to gain full access to Android phones using the popular Viber messaging app. Unlike the Samsung lockscreen issue we reported on earlier, this attack doesn't take any fancy finger work. Instead, all it needs is two phones, both running Viber, and a phone number. " The way Viber handles to popup its messages on smartphones' lock screen is unusual, resulting in its failure to control programming logic, causing the flaw to appear, " said Mr. Nguyen Minh Duc, Director of Bkav's Security Division. Steps to exploit: Send Viber message to victim Combine actions on Viber message popups with tricks like using victim's notification bar, sending other Viber messages, etc. to make Viber keyboard appear Once Viber keyboard has appeared, to fully access the device, create misse

It appears as if another malware scare has come to Android . Lookout Security said on Friday that it has discovered a new family of malware called BadNews .  Malware that avoided detection and made its way onto the Google Play store has been downloaded around 9 million times by users from all over the world. The company uncovered the malware in 32 applications listed by four different developer accounts on Google Play. Google was notified and the company removed the affected apps and killed the developer accounts associated with them. In their report, firm describes the malware: " BadNews masquerades as an innocent, if somewhat aggressive advertising network. This is one of the first times that we've seen a malicious distribution network clearly posing as an ad network. Because it's challenging to get malicious bad code into Google play, the authors of Badnews created a malicious advertising network, as a front, that would push malware out to infected devices

After a series of security issues, it appears that Apple still has not been able to resolve all the issue in iOS . Last week, Apple rolled out its iOS 6.1.2 update to owners of the iPhone, iPad and iPod touch in an effort to fixing the 3G connectivity and an Exchange calendar bugs. Hackers found an iOS 6 bug two weeks ago that allowed thieves into your phone, but only the Phone app and the features contained within could be accessed. Just after that, recently another screen lock bypass vulnerability  reported  in iOS 6.1 by Vulnerability Lab . This vulnerability allows users to bypass the lock screen pass code and access the phones photos and contacts. Researchers say the vulnerable device can be plugged into a computer via USB and access data like voice mails, pictures, contacts, etc.  This particular vulnerability was shared in detail over in a YouTube video for the masses, you can see the video tutorial as shown below: Steps to Follow: Connect your device

Apple has faced a number challenges over the last year related to software errors and flaws on its flagship iPhone. According to a latest video posted on YouTube  iPhone and iPad users running the latest iOS 6.1 platform can bypass the lock screen, even when a password is set. Basically, he found that by attempting and canceling an emergency call on the iPhone, holding the lock button and then taking a screenshot took him past the stage where he should have had to enter a password to access the phone. The flaw is relatively easy to exploit and this lets you bypass the security code and use the full Phone app. From there you have access to the address book, and the pictures app by trying to change a contacts picture. Apple promised to fix the iOS 6.1 iOS Exchange bug in a forthcoming software update so perhaps they'll fix this annoying glitch as well. Steps to follow: First part: -Go to emergency call, push down the power button and tap cancel. -Dial 112 and tap gre