Some testing recently conducted by Pen Test Partners revealed a man-in-the-middle vulnerability in Samsung smart fridges that could be used to hack into a user’s Gmail account. The Samsung refrigerator that was tested has Wi-Fi capability that among other things, allows a user to display their Gmail calendar on the screen. The Pen Test Partners’ testing showed that although Samsung implemented a Secure Sockets Layer for connections, the fridge was not validating certificates leaving it vulnerable to attack. Read more
While many OnePlus 2 fans are still waiting to get their hands on an actual device thanks to the slow rollout of invites, OnePlus has been busy with its OxygenOS firmware, announcing its first over-the-air (OTA) update that bumps the firmware to version 2.0.1. The OTA includes security patches, bug fixes and other improvements, and we have the changelog after the break.
OnePlus recently announced that it is slowing down the rate at which it issues invites for its 2016 flagship killer, the OnePlus 2, which isn’t great news for its fans. But, on the other hand, it has also just announced that it’s released a firmware update for the OnePlus One to deal with the marauding StageFright exploit. And that is good.
Verizon is pushing Android 5.1.1 and a Stagefright fix to update the Samsung Galaxy S6, Galaxy S6 Edge, and Galaxy Tab 4 10.1.
BlackBerry got a start in the enterprise sector where security and privacy were major concerns for entities that were looking for mobile communications platforms. Over the years, BlackBerry has earned over 70 different government certifications or approvals which is more than any other mobile vendor. With this strong background in mobile security, BlackBerry seems like a natural fit for the National Cyber Security Alliance (NCSA), but they are only just now joining according to an announcement made today.
NCSA’s executive director Micheal Kaiser says the organization welcomes “the unique perspective that BlackBerry brings to the NCSA, and we look forward to working with BlackBerry to solve cybersecurity challenges, particularly as they relate to mobility and the Internet of Things.” Meanwhile, BlackBerry’s Edward Hearst, vice president of U.S. Government Business Development, says BlackBerry hopes to share “knowledge and insights to further advance efforts to ensure that the mobile experience is safe and secure for users, no matter what devices they have or information they access.”
source: National Cyber Security Alliance (PR)
You’ve probably heard about the latest Android vulnerability that apparently affects over 900 million Android devices. It’s called StageFright, and the worry is that malware can be embedded in a video that could then run roughshod in your device without you initiating any action whatsoever. The malware ridden video would be sent by MMS and your device would download it automatically, thanks to the auto retrieve setting being ticked in settings of the messaging app. While most carriers are waiting for phone manufacturers to issue software patches to block the exploit, Germany’s Deutsche Telekom is taking a more pro-active approach by disabling the MMS auto-retrieve function itself.
Sprint is pushing an update to its Nexus 5 and 6 devices to fix the Stagefright vulnerability. There is no specific SKU for Sprint on either phone, so the update should apply to all of them.
The new update will be build LMY48I. Sprint and AT&T have also updated many Samsung phones to fix the Stagefright bug as well.
Source: Sprint (1), (2)
Stagefright is a new Android security vulnerability that affects millions of Android devices. It is critical it gets fixed right away. Google is pushing out an update to Nexus phones today, but now AT&T and Sprint are pushing the update to many Samsung phones.
Earlier today, Baido released a new security application in the Play Store called DU Privacy Vault. The app provides a simple and organized way to help Android users lock applications for their personal use. The app can also be used to hide certain photos and videos with a passcode. Once a passcode is set, the user will be prompted to enter it whenever they are trying to gain access to those files. For example, when your friend or child asks to use your phone or tablet, you no longer need to worry about them snooping around to private apps and media.
We’ve got another rumor to throw on top of the Galaxy Note 5 pile. Samsung is reportedly working on increasing mobile security in a handful of ways on the Note 5, including an improved security suite, a better fingerprint scanner, and a new trick that will link security elements to the phone’s processor.
Samsung has always taken security pretty seriously, which is evident by how many high-end phones they ship with KNOX on board, so these rumors seem pretty likely at this point. Read more