Posts

Multiple Vulnerabilities in Google Android

Software Affected
• Google Android version prior to 8.0, 8.1, 9, 10
Overview
Multiple vulnerabilities have been reported in Google Android which could be exploited by attackers to gain elevated privileges, obtain sensitive information, or execute arbitrary code and cause a denial of service condition on the targeted system.
Description
These vulnerabilities exist in Google Android due to flaws in the Framework and System components and in the Binder driver and Memory-Map Subsystem components of the Kernel. An attacker could exploit these vulnerabilities by using specially crafted files to execute arbitrary code or to gain access without user interaction. Successful exploitation of these vulnerabilities could allow an attacker to cause a denial of service condition, gain elevated privileges, obtain sensitive information and execute arbitrary code on the targeted system.

LTE Network flaw -part 3

What's the solution? The disclosure of the IMP4GT attack comes on the heels of similar research undertaken by academics at Purdue University and the University of Iowa, which uncovered three new security flaws in 4G and 5G networks that can be used to eavesdrop on phone calls and track the locations of cell phone users. The incoming 5G standard, which is being rolled out in a handful of countries, aims to offer faster speeds and long-needed security features, including protection from IMSI catchers. But with hundreds of millions of devices impacted by these flaws, it's imperative that 5G implementations apply more robust security and data protection to fix the vulnerabilities. "Mobile network operators would have to accept higher costs, as the additional protection generates more data during the transmission," David Rupprecht, one of the paper's co-authors, said. "In addition, all mobile phones would have to be replaced, and the base station expanded....

Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability

Software Affected
• Cisco Smart Software Manager On-Prem releases prior to 7-202001
Overview
A vulnerability has been reported in the High Availability (HA) service of Cisco Smart Software Manager On-Prem that could allow an unauthenticated remote attacker to access a sensitive part of the system with a high-privileged account.
Description
Cisco Smart Software Manager On-Prem Static Default Credential Vulnerability (CVE-2020-3158)
A vulnerability exists in the High Availability (HA) service of Cisco Smart Software Manager On-Prem due to a system account that has a default and static password and is not under the control of the system administrator. An attacker could exploit this vulnerability by using this default account to connect to the affected system. Successful exploitation of this vulnerability could allow the attacker to obtain read and write access to system data, including the configuration of an affected device.

LTE Network flaw -part 2

How does the IMP4GT attack work? The researchers carried out the attacks using software-defined radios, which are devices that can read messages between a phone and the base station it's connected to. The man-in-the-middle attack, then, allows a hacker to impersonate a user towards the network and vice versa. In other words, the attacker tricks the network into thinking the radio was, in fact, the phone (uplink impersonation), and also dupes the phone into assuming that the software-defined radio is the legitimate cell tower (downlink impersonation). "The uplink impersonation allows an attacker to establish an arbitrary IP connection towards the Internet, e. g., a TCP connection to an HTTP server. With the downlink variant, the attacker can build a TCP connection to the UE," the researchers said. It's to be noted that the adversary must be in close proximity — in the range of 2km — to the victim's mobile phone to mount the IMP4GT attack. As a conseque...

LTE Network flaw -part 1

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack — named "IMPersonation Attacks in 4G NeTworks" (or IMP4GT) — exploits the mutual authentication method used by the mobile phone and the network's base station to verify their respective identities to manipulate data packets in transit. "The IMP4GT attacks exploit the missing integrity protection for user data and a reflection mechanism of the IP stack mobile operating system. We can make use of the reflection mechanism to build encryption and decryption oracle. Along with the lack of integrity protection, this allows us to inject arbitrary packets and to decrypt packets," the researchers explained. The research was presented at the Network Distributed System Sec...

Microsoft bringing Defender Antivirus for Linux and iOS

After releasing Microsoft Defender Advanced Threat Protection (ATP) for macOS computers, Microsoft today announced a public preview of its antivirus software for various Linux distributions, including Ubuntu, RHEL, CentOS and Debian. Microsoft is also planning to soon release Defender ATP anti-malware apps for smartphones and other devices running Google's Android and Apple's iOS mobile operating systems. "We know our customers' environments are complex and heterogeneous. Providing comprehensive protection across multiple platforms through a single solution and streamlined view is more important than ever," the company said. "Next week at the RSA Conference, we'll provide a preview of our investments in mobile threat defense with the work we're doing to bring our solutions to Android and iOS." I am sure you might have heard this many times that 'Linux doesn't need antivirus software,' but this is not the case anym...

Google bans 600 apps from Play Store

Google recently banned nearly 600 apps from the Play Store for bombarding users with disruptive ads and violating advertising guidelines. The company defines disruptive ads as "ads that are displayed to users in unexpected ways, including impairing or interfering with the usability of device functions," such as a full-screen ad served when attempting to make a phone call. Google didn't name the apps that were blocked, but the apps had been installed more than 4.5 million times. They primarily targeted English-speaking users and came from developers based in China, Hong Kong, Singapore, and India, according to BuzzFeed News.

TROUBLE IN GOOGLE PLAY STORE
This is not the first time adware apps have been removed from the Google Play Store. Back in 2018, Cheetah Mobile was accused of turning smartphones into stealthy click farms to engage in ad fraud, leading Google to ban a bunch of its apps from the Play Store. Then last year, it banned app developer Do Global and CooTek ...