Vulnerabilities exist in two fairly popular alternative browsers for Android – Dolphin and Mercury — that depending on the browser could result in either remote code execution or arbitrary read/write access.
Browsing Category: Mobile Security
Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app.
Dennis Fisher and Mike Mimoso talk about the news from Black Hat, car hacking, the Mary Ann Davidson blog post, and the Android security mess.
The OwnStar attack that hacker Samy Kamkar revealed late last month can be used against not only GM vehicles, but cars manufactured by Mercedes-Benz, BMW, and Chrysler, as well. The attack allows Kamkar to intercept the traffic from nearby mobile phones that have specific apps open that control safety and security features on their vehicles.[…]
The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on an unpatched vulnerability that allows an attacker to bypass the Android sandbox. The vulnerability lies in the way that the Google Admin application[…]
A Stagefright vulnerability patch is incomplete and Android devices remain exposed. Google has made a new patch open source and will update devices over-the-air next month.
Google has patched a severe Android serialization vulnerability that exposes more than half of devices to takeover.
At Black Hat, two recent Boston University computer engineering graduates revealed software and hardware hacks against the latest versions of the popular Square Reader.
Google is changing the way that it updates its Nexus Android phones and will now send out monthly over-the-air updates to users.
Dennis Fisher and Mike Mimoso discuss the hacked sniper rifle, the huge Android bug in Stagefright, Samy Kamkar’s OwnStar device, and the joy and pain of next week’s Black Hat conference.