QuadRooter: New Android Vulnerabilities in Over 900 Million Devices

 
Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas. What is QuadRooter? QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a ...

Mobile Security Weekly: Behind Masque Attack, Russian Worm Spreading, BlackBerry & Samsung Team Up

 
This week’s issue is dominated by MasqueAttack. The vulnerability, which has caused the US government to issue a security warning for all iOS users, is undoubtedly a major threat. The fact that Apple may have known about it’s existence since July 2014 also poses quite a few pressing questions. Elsewhere, it “business as usual” with another dangerous new Android worm. In an interesting business development, Blackberry and Samsung have formed a new partnership. MasqueAttack has reached Homeland Security Levels of Danger In reaction to the headlines surrounding the mobile world’s newest major threat, the U.S. government released a statement for all iPhone ...

“TowelRoot” Gives Root Access to Samsung Galaxy S5 and other Popular Android Mobile Devices

 
A new vulnerability, codenamed TowelRoot, was recently released for the Linux kernel (CVE-2014-3153)  through version 3.14.5 and it has affected Android 4.4 mobile devices. This vulnerability is extremely prevalent and exists on almost every popular Android device in the market including the very popular Samsung Galaxy S5. This security vulnerability, when exploited, can allow any app to escalate it’s privileges to root (administrator) privileges. This would allow an attacker to bypass the Android security model and: Run malicious code under administrator privileges Retrieve various files and ...