Stagefright: Android Hack Puts 950 Million Users At Risk

BY
Category:

 

Researchers at Zimperium zLabs have uncovered a series of vulnerabilities affecting Android operating systems that could affect millions.  By simply sending a text message with an infected attachment, a hacker may be able to trigger a remote code execution vulnerability that would allow access to the targeted device.

Reported earlier in April, Joshua Drake, a member of the zLabs research team, discovered what is being called “Stagefright”. Named after the media playback tool in Android, Drake noted that all an attacker would need are mobile phone numbers. From there, an infected Stagefright multimedia message could be texted to unsuspecting devices which would allow the attackers to write code to the device and steal data, including audio, video and photos stored in SD cards.

The vulnerability is said to affect an estimated 950 million phones worldwide. The Android vulnerability affects any phone using Android software made in the last five years, according to Zimperium.

Because of how some applications process incoming text messages, a device could be infected by the remote code execution malware without even knowing that a message had been received.  Drake reported that apps such as Google Hangouts would “trigger immediately before you even look at your phone… before …

Accume’s July Compliance Monthly

BY
Category:

Accume’s July issue of Compliance Monthly is here! The Compliance Monthly newsletter is intended to keep you informed of regulatory changes in advance of their effective date so your institution can have the necessary policies, procedures and processes in place to be compliant at the time of enactment.

Accume’s May Compliance Monthly Newsletter

BY
Category:

Accume’s May issue of Compliance Monthly is here! The Compliance Monthly newsletter is intended to keep you informed of regulatory changes in advance of their effective date so your institution can have the necessary policies, procedures and processes in place to be compliant at the time of enactment.

White House Summit on Cybersecurity and Consumer Protection

BY
Category:

During the recent White House Summit on Cybersecurity and Consumer Protection, President Obama and his staff reinforced the importance of information sharing between private and public sector organizations in the …