1662 matches found
Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks
Brokers of so-called zero day exploits are paying out more for Android than iOS—which would have been unthinkable until recently...
WARNING — Malware Found in CamScanner Android App With 100+ Million Users
Beware! Attackers can remotely hijack your Android device and steal data stored on it, if you are using free version of CamScanner , a highly-popular Phone PDF creator app with more than 100 million downloads on Google Play Store. So, to be safe, just uninstall the CamScanner app from your Androi...
Google Android Media Framework Input Validation Error Vulnerability (CNVD-2019-40854)
Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A security vulnerability exists in Media framework in Android. An attacker can exploit this vulnerability to cause a...
Android Users Can Now Log in to Google Services Using Fingerprint
If you're using Chrome on Android, you can now sign-in to your Google account and some of the other Google services by simply using your fingerprint, instead of typing in your password every time. Google is rolling out a new feature, called "local user verification," that allows you to log in to...
Android July 2019 Security Update Patches 33 New Vulnerabilities
Google has started rolling out this month's security updates for its mobile operating system platform to address a total of 33 new security vulnerabilities affecting Android devices, 9 of which have been rated critical in severity. The vulnerabilities affect various Android components, including...
AndroidSecNotes
It is an offensive tool for Android. The repository contains learning notes about Android Security, specifically about the Android Runtime ART and its debugging tools. The notes cover the format of Dex files, the ART runtime, and the Hook framework. The notes mention the use of the "oatdump" tool...
CVE-2019-1989
In ih264dfmtconv420spto420p of ih264dformatconv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0...
Android's Built-in Security Key Now Works With iOS Devices For Secure Login
In April this year, a software update from Google overnight turned all Android phones, running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification. The feature made it possible for users to confirm their identity when logging...
Tap 'n Ghost Attack Creatively Targets Android Devices
Researchers have created a novel proof-of-concept PoC attack named Tap ‘n Ghost, which targets Near Field Communication NFC-enabled Android smartphones. This allows an attacker to take control of a target phone simply by tricking the victim into placing their handset on a specially crafted surfac...
Android Security Bulletin—June 2019Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-06-05 or higher address all of these issues. To learn how to check a device's security patch level, see How to check and update your Android version. Android partner...
Google Patches Critical Remote Code-Execution Flaws in Android
Google patched four remote code-execution RCE flaws as part of its May Android Security Bulletin. Three of the critical bugs are tied to the System portion of the Android platform architecture, responsible for core apps such as the dialer, email and camera. A fourth critical RCE bug opens the doo...
Google's April Android Security Bulletin Warns of 3 Critical Bugs
Google has fixed three critical remote code execution bugs in its Android operating system, which could allow a remote attacker to hijack a vulnerable system simply by sending a malicious file. The flaws are part of Google’s April Android Security Bulletin, which includes patches for three critic...
Android Security Bulletin—April 2019Stay organized with collectionsSave and categorize content based on your preferences.
The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of 2019-04-05 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Android partners are...
CVE-2019-5765
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent...
Google Boosts Encryption For Low-End Android Devices
Google introduced a new storage encryption solution that it hopes will expand security efforts across its full spectrum of Android-powered devices – including low-end devices that typically can’t support encryption. The new encryption offering, Adiantum, aims to solve a big issue that has plagued...
Android Phones Can Get Hacked Just by Looking at a PNG Image
Using an Android device? Beware! You have to remain more caution while opening an image file on your smartphone—downloaded anywhere from the Internet or received through messaging or email apps. Yes, just viewing an innocuous-looking image could hack your Android smartphone—thanks to three...
CVE-2019-5765
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent...
Chrome: CVE-2019-5765: 1-click HackerOne account takeover on all Android devices
████████████...
CVE-2018-14985
The Leagoo Z5C Android device with a build fingerprint of sp7731c1h1032v4bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings versionCode=23, versionName=6.0-android.20170630.092853 that contains an exported...
CVE-2018-15835
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983...