1654 matches found

CVE
added 2014/07/02 1:0 a.m. | 50 views

CVE-2014-3100

The CVE-2014-3100 issue is a stack-based buffer overflow in Android 4.3’s KeyStore service (encode_key in /system/bin/keystore) that allows arbitrary code execution and may leak sensitive key information or bypass cryptographic operation restrictions when handling an overly long key name. The vul...

CVSS 5.1 | AI score 7.5 | EPSS 0.01042
Exploits 1 | References 5 | Affected Software 1

ThreatPost
added 2014/06/26 1:22 p.m. | 13 views

Patched Code-Execution Bug Affects Most Android Users

A serious code-execution vulnerability in Android 4.3 and earlier was patched in KitKat, the latest version of the operating system. Researchers at IBM this week disclosed the nature of the vulnerability, which was privately disclosed to the Android Security Team in September and patched last...

AI score 0.2
Exploits 0 | References 6

The Hacker News
added 2014/06/17 10:49 p.m. | 85 views

Towelroot : One-Click Android Rooting Tool Released By Geohot

Waiting for root access for your AT&T or Verizon Android phone? Then there is really great news for you! Geohot aka George Hotz - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on...

CVSS 7.2 | AI score 6.7 | EPSS 0.68892
Exploits 15

ThreatPost
added 2014/05/22 3:25 p.m. | 8 views

Android Outlook App Could Expose Emails, Attachments

There are two issues with the way Microsoft’s Outlook application encrypts content on older versions of Android that could expose users’ emails and email attachments. Paolo Soto, a researcher with the security firm Include Security, said his team initially dug up the vulnerabilities in November...

AI score 6.5
Exploits 0 | References 3

Tenable Nessus
added 2014/01/28 12:0 a.m. | 8 views

Google Chrome for Android Detected

Binary data 8092.prm...

AI score 7.3
Exploits 0 | References 1

securityvulns
added 2014/01/09 12:0 a.m. | 43 views

Android Fragment Injection vulnerability

Hi, We have recently disclosed a new vulnerability to the Android Security Team. The vulnerability affected many apps, including Settings the one that is found on every Android device, Gmail, Google Now, Dropbox and Evernote. To be more accurate, any App which extended the PreferenceActivity clas...

AI score 0.1
Exploits 0

CVE
added 2013/12/14 8:0 p.m. | 51 views

CVE-2013-6271

CVE-2013-6271 affects Android 4.0–4.3; a vulnerability in com.android.settings.ChooseLockGeneric allows an unprivileged app to bypass restrictions and remove the device lock by invoking updateUnlockMethodAndFinish with PASSWORD_QUALITY_UNSPECIFIED. Exploits/PoC exist (CRT-RemoveLocks; Metasploit ...

CVSS 8.8 | AI score 6.6 | EPSS 0.21718
Exploits 2 | References 4 | Affected Software 1

Kitploit
added 2013/12/05 1:30 a.m. | 9 views

[OWASP GoatDroid] Project that will help educate security to application developers Android

OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications:...

AI score 7.6
Exploits 0 | References 1

securityvulns
added 2013/11/18 12:0 a.m. | 36 views

Android su applications privilege escalation

Unsafe environment variables and file descriptors usage...

CVSS 10 | AI score 4.6 | EPSS 0.00371
Exploits 9 | References 3 | Affected Software 2

Packet Storm
added 2013/11/14 12:0 a.m. | 32 views

Android 4.2.x Superuser Shell Character Escape

Vulnerable releases of two common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root, either without prompting the user or after the user has denied the request: - CyanogenMod/ClockWorkMod/Koush Superuser current releases, including v1.0.2.1 ...

CVSS 10 | AI score 0.1 | EPSS 0.00338
Exploits 3

ThreatPost
added 2013/11/06 12:40 p.m. | 5 views

Vendor Customizations Lead to Android Security Issues

When Android phone manufacturers tweak devices and customize phones with special software, apps and code, it has a direct effect on the security of each device. In some cases, the changes made can account for more than 60 percent of vulnerabilities found in devices. That’s according to a paper “T...

AI score 7.6
Exploits 0 | References 3

Packet Storm
added 2013/09/30 12:0 a.m. | 41 views

Firefox For Android Same-Origin Bypass

CVE Number: CVE-2013-1727 Vendor Identifier: MFSA 2013-84 Title: Firefox for Android - Same-origin bypass through symbolic links Affected Software: Prior to v24 confirmed on v14 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v24 was released which fixes this...

CVSS 4 | AI score 0.3 | EPSS 0.0224
Exploits 2

ThreatPost
added 2013/08/27 2:7 p.m. | 10 views

DHS and FBI Warn About Android Security Threats

The Department of Homeland Security and the FBI are warning police and fire departments as well as emergency medical service providers and other security personnel that out-of-date Android devices pose a serious security risk to those organizations. The warning came via an unclassified memo...

AI score 1.5
Exploits 0 | References 4

Kitploit
added 2013/08/14 2:46 a.m. | 23 views

[Drozer] The Leading Security Testing Framework for Android.

drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use and share public Android exploits. It helps you to deploy a droze...

AI score 7.4
Exploits 0 | References 1

CVE
added 2013/07/09 5:0 p.m. | 92 views

CVE-2013-4787

Android 1.6–4.2 (Donut to Jelly Bean) contains a flaw in verifying APK cryptographic signatures: an APK.modified file with duplicate Zip entries may be installed despite one entry being validated, enabling arbitrary code execution via the Master Key vulnerability. The issue arises from inconsiste...

CVSS 9.3 | AI score 7.7 | EPSS 0.52603
Exploits 0 | References 7 | Affected Software 1

ThreatPost
added 2013/05/08 10:56 a.m. | 8 views

Pentagon Decision Moves Android Security in Right Direction

Android’s security gets its share of grief, but perhaps it’s been a bit misguided. Like many other popular open source technologies, there are a number of different flavors of the mobile platform, each with its security properties and nuances. That’s why the Pentagon’s decision to endorse the use...

AI score 6.8
Exploits 0 | References 6

ThreatPost
added 2013/05/06 4:29 p.m. | 7 views

Pentagon Approves Samsung KNOX Android Platform for DoD

Android has long been the outcast of mobile device security largely because hackers have been adept at getting malware onto the platform via third-party application marketplaces and lax submission policies on Google Play. The security of the operating system itself, however, hasn’t been challenge...

AI score 7.1
Exploits 0 | References 2

The Hacker News
added 2013/04/26 6:25 p.m. | 8 views

Google bans Facebook and other self updating Android apps

Google just released a new Play Store version 4.0.27 that contains only very minor tweaks, and Google has changed the rules of its Google Play Store to put an end to the practice of developers updating their apps through their own means rather than the official Google Play channel. Shortly before...

AI score 7
Exploits 0

OSV
added 2013/04/13 2:59 a.m. | 7 views

CVE-2013-2596

Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges,...

CVSS 7.8 | AI score 7.4
Exploits 0 | References 25

ThreatPost
added 2013/02/05 4:20 p.m. | 10 views

More from the Kaspersky Lab/Threatpost Security Analyst Summit

Chris Soghoian on Wireless Carriers and Android Security Partial Disclosure Leaves Adobe Reader Zero-Day Story in Limbo Wireless Carriers Put on Notice About Providing Regular Android Security Updates How the RSA Attackers Swung and Missed at Lockheed Martin Scenes from SAS 2012 SAS2013 on Twitte...

AI score 3.4
Exploits 0 | References 5