
Samsung Galaxy S III, S II & Note II Vulnerable to Inject Malicious Code Directly into Kernel


A serious security hole has been discovered in Samsung smartphones. According to a member of the XDA-Developers forum named 'alephzain', the vulnerability exists in the Samsung Galaxy S III, Galaxy S II and Galaxy Note II along with several other Samsung devices. As per sources, the vulnerability is marked as "severe". It could give remotely downloaded apps a way to read user data, brick phones and perform other malicious activities. In other words, this hole could allow a malicious app free rein over your smartphone’s memory, and basically take complete control of your device. Prepare tin foil hats.
Another XDA-Developers user, supercurio, says Samsung has been notified of the security hole but had not yet acknowledged the issue. That is, until this morning, when Samsung dropped word to Android Central that they are “currently in the process of conducting an internal review” in reference to the security hole. Supercurio says the potential exists for millions of devices to be in harm's way, especially those with Exynos 4210 and 4412 processors that use Samsung code. Another XDA user, Entropy512, adds “this exploit changes things — there is a no root exploit that can be used by an app straight from the market, in the background, with little to no user intervention.”
While on the subject of security holes in Samsung phones, we would like to remind you that a few months ago researchers revealed that several Android-based handsets, including the Samsung Galaxy S3 and S2, were vulnerable to a 'remote wipe' hack.





BlackBerry PlayBook The Most Secure Tablet For BYOD Solution


Nowadays the number of tablet users is increasing every day. Millions of people across the globe use tablets for both personal and professional purposes. As the number of users and uses rises, questions of privacy and security arise as well. Many companies manufacture tablets, but before choosing one we should know which is more secure than the others. According to a recent technology audit by Context Information Security, the BlackBerry PlayBook is the only device among three top tablets that gives users a good, safe division between their work and personal computing. The report faulted the PlayBook, as well as the Apple iPad and the Samsung Galaxy Tab, for default settings that don't automatically encrypt backups, and for not offering complementary and compatible tools for IT teams to manage a large number of devices at the business level. According to Jonathan Roach, Principal Consultant at Context and author of the report, "While the iPad and BlackBerry PlayBook performed better, both still have security deficiencies -- including desktop software that fails to encrypt backups by default." He also said, "Context found the PlayBook to be the most work-ready personal tablet of the three, due to its Bridge application's excellent support of barriers between work and personal profiles."
According to the report, by contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its "robust data protection and damage limitation facilities," but said on its news page that the device was still vulnerable to jailbreak attacks and "ineffective disk encryption unless a strong passcode policy is applied."
The report also found the Galaxy Tab's security features to be the least work-play ready, with weak disk-encryption support. The Galaxy Tab's lack of tools tailored to enterprise use makes it "very difficult to manage more than a small number of Galaxy Tabs in an enterprise environment," a point Apple also falls short on. The report criticized the Galaxy Tab's encryption as well. Even with encryption enabled, the report found that Samsung's device still "allows badly-written apps to store sensitive information on the unencrypted SD card." The report also praised all three tablets for their support of Exchange ActiveSync, a feature that allows crucial security settings to be managed from a central server running Microsoft software. But the study noted important differences among the devices that may make some tablets more appropriate for dual use in both the home and the office.
"Despite that security advantage, RIM only managed to ship 130,000 tablets last quarter. By contrast, Apple's wildly popular iPad sold more than 17 million units last quarter. Context found the iPad to be the second-most-secure device, citing its 'robust data protection and damage limitation facilities,' but said on its news page that the device was still vulnerable to jailbreak attacks and 'ineffective disk encryption unless a strong passcode policy is applied,'" Jonathan added.




-Source (Context Information Security & NBC News)



Samsung Galaxy S3, S2 & HTC Android Phones are Vulnerable to 'remote wipe' Hack


Yet again a large number of Android users have been warned of a security hole. Security experts have uncovered that millions of Android handsets including the Samsung Galaxy S3, Galaxy S2, HTC One X and HTC Desire can be wiped just by visiting a malicious website that embeds particular code in weblinks. A user with a vulnerable handset who visits a page and clicks a link containing the malicious code would see their phone wiped, losing personal data such as photos and texts as well as replaceable data such as contact details and apps. The flaw is caused by a security hole in some versions of Android's dialler software, which allows the "tel:" URL prefix to be used on a webpage to perform functions on the phone's dialling software. Normally that is useful for functions such as initiating a call on the handset directly from a site. But the tel: prefix can also be used to pass a string of non-numeric data to the dialler.
Special strings of characters can perform other functions; for example typing #06# on the dialler will display a phone's IMEI number. The flaw exploits a string that activates a factory reset of some phones because they do not force a user interaction before carrying out the function encoded in the string. The code would have to be embedded as a link to cause the user to activate it - but it would be easy to represent it as an innocent link to Google or any site. Pressing the link would initiate the wipe.
Users of vulnerable handsets may be able to install a third-party dialler and make that the default as protection against the "remote wipe" attack. Experts also pointed out that not all Android handsets have the capability for a remote wipe built in - although the number of models discovered with the vulnerability has grown since it became known on Tuesday.
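The check a filtering proxy or a replacement dialler could apply to the tel: links described above, as an added example that is not from the original article: it flags any tel: URI whose decoded payload is not a plain phone number. The names classify_tel_uri and scan_html and the sample page are constructed for illustration, and the only dialler code used is the harmless #06# mentioned in the article.

```python
"""Flag tel: links that carry a dialler code instead of a phone number."""
import re
from html.parser import HTMLParser
from urllib.parse import unquote

# A dialable number: optional leading +, then digits and visual separators.
PLAIN_NUMBER = re.compile(r"\+?[0-9 ().\-]+")


def classify_tel_uri(uri):
    """Return None for non-tel URIs, 'number' for plain numbers, else 'code'."""
    uri = uri.strip()
    if not uri.lower().startswith("tel:"):
        return None
    # Percent-decode once: '#' is usually written %23 inside a URI. Anything
    # still encoded after one pass fails the number check and is flagged.
    payload = unquote(uri[4:]).split(";", 1)[0]  # drop ;ext= style parameters
    return "number" if PLAIN_NUMBER.fullmatch(payload) else "code"


class TelLinkScanner(HTMLParser):
    """Collects (line, tag, attribute, value) for every suspicious tel: URI."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Check every attribute, not only href, so the URI cannot hide elsewhere.
        # HTMLParser has already decoded entities such as &#35; in the value.
        for name, value in attrs:
            if value is not None and classify_tel_uri(value) == "code":
                line, _ = self.getpos()
                self.findings.append((line, tag, name, value))


def scan_html(html):
    """Return the list of suspicious tel: URIs found in an HTML document."""
    scanner = TelLinkScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample page: one ordinary number, the #06# code written two
# different ways behind innocent-looking link text, and an unrelated link.
SAMPLE_PAGE = """<html><body>
<a href="tel:+64-4-555-0100">Call us</a>
<a href="tel:%2306%23">Visit Google</a>
<a href="TEL:&#35;06&#35;">News</a>
<a href="https://example.com/#06">Anchor</a>
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, value in scan_html(SAMPLE_PAGE):
        print(f"line {line}: <{tag} {attr}={value!r}> carries a dialler code")
```

A dialler or proxy using this check would still pass ordinary click-to-call links through, and would require explicit user confirmation (or block outright) for anything classified as a code.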
Dylan Reeve, a New Zealand-based TV editor who first brought the flaw to wide notice, says that Samsung Galaxy phones which use Android 4.1 will be safe from the hack. But that still leaves millions of Galaxy S2 and some S3 models which will not have had the correct revision of the firmware rolled out to them and which could be hit.  
Though the vulnerability was fixed in Android's core code earlier this year, that code has not been propagated to every handset in use. The fact that the flaw existed in handsets from Samsung and HTC - the two biggest vendors of Android handsets - also suggests that a huge number of existing handsets could include the outdated code.

Samsung said in a statement that it has already provided a patch for the Galaxy S3, but it is not clear how long operator approval and rollout will take. In general, software updates to any phone first have to be tested and approved by the carrier supporting the phone. Samsung said it is testing a patch for the Galaxy S2, but had no information on when it will be available or how it will be distributed. But HTC has issued a statement saying that "our devices do not support a USSD code to factory reset option." This means that they should not be vulnerable to the exploit described above.


-Source (Guardian)




NQ Mobile Security & Antivirus (Advanced Security Tool For Android)


NQ Mobile Security has released a security tool and antivirus to remove malware, spyware and viruses. The award-winning mobile security and privacy protection company NQ claims that NQ Mobile Security will protect your Android phone and tablet from viruses, malware, spyware, trojans and phone hacking. NQ Mobile Security & Antivirus is a free antivirus download which offers privacy protection, a phone locator, data backup, safe browsing, traffic monitoring and safe app recommendations for your Samsung Galaxy, HTC Desire, HTC Evo, LG Optimus, Motorola Droid, Milestone, Huawei etc.




Key Features:- 


ANTIVIRUS & SECURITY PROTECTION:-
  • Antivirus: blocks viruses, malware, spyware and trojans, and uninstalls malicious apps to protect you from phone hacking
  • Safe browsing: protects you from phishing, fraud sites and malware while browsing the Internet
  • Safe download: scans apps in real-time during download
  • FREE virus database update ensures you’re always protected from the latest threats

NETWORK MANAGER:-
  • Traffic monitoring: provides real-time updates on data usage to ensure you don’t go over your plan’s limits
  • Traffic usage trends and statistics over the past 30 days
  • Traffic consumption ranking of the apps
  • Monitors traffic usage details of your apps

PRIVACY PROTECTION:-
  • Privacy protection: monitors apps that access your private data without your permission

SYSTEM OPTIMIZATION:-
  • One-touch device optimization: ensures your Android phone is running at top speed by closing apps that run in the background without your knowledge
  • Traffic monitoring: provides real-time updates on data usage to ensure you don’t go over your plan’s limits

BACKUP & RESTORE:-
  • Backup & restore: allows you to easily backup and retrieve contacts and messages on mobile phones running on different operating systems, including iOS, Android, BlackBerry or Nokia phone and manages your backup data from web with a free account at NQ Space (i.nq.com)

FIND YOUR PHONE:- 
  • Remotely locate your lost phone


NQ Mobile Security is freely available to download from Android Market





Security Flaws in Android 4.0 (ICS)


The facial recognition unlock in Android 4.0 (Ice Cream Sandwich) can easily be bypassed with a simple photo trick. Recently a blogger named "soyacincau" demonstrated the vulnerability and showed how easily anyone can bypass the facial recognition. He took a photo of himself using another phone and held it up to the front-facing camera on the Samsung Galaxy Nexus, the first smartphone to run Android 4.0, which was then unlocked. In October a developer of CyanogenMod also concluded the same thing.




Later, a Google spokesperson said that the feature is considered to be experimental and offers little security. According to the news site, the user interface for the Face Unlock feature also warns users that it is less secure than using a pattern, PIN or password, even going as far as saying "Someone who looks similar to you could unlock your phone". It is unclear if Google will add "Or a photograph of you" to the warning.





Ice Cream Sandwich (Android 4.0) Source Code Released


Google has officially released the source code of the long-awaited Android 4.0, also known as Ice Cream Sandwich (ICS). Although the repositories will also contain the source code of Android 3.x, Honeycomb, it will be scattered through the history of the various files. Honeycomb was not released as open source because, according to Google, the company took numerous shortcuts in the development of the tablet version of Android. The Google developers are not globally tagging (marking in the history) the 3.x releases of Android in the repository. Queru said: "since Honeycomb was a little incomplete, we want everyone to focus on Ice Cream Sandwich", though he later backed off on this position slightly, saying he was considering tagging some of the 3.2.x release in the frameworks to help developers.
The release comes with ICS 4.0.1, the one Galaxy Nexus will ship with, so it’s the latest version. Unfortunately the device build target, full_maguro, can be used for building a system image for the Samsung Galaxy Nexus, though we will get builds for more devices soon, according to Queru. Hopefully developers will be able to port it to other devices pretty soon, because I would really like to see how ICS runs on my Galaxy S II.
There were many rumors that Google will release the Galaxy Nexus at the November 16th event, and with this release we can be nearly sure that’s what the event will be about. All we have to see next is if Google will have more luck with their new device in comparison with the other Nexus-branded smartphones. They will probably be able to take advantage of the fact that it will be the only ICS smartphone, though I am pretty sure Samsung, HTC, Motorola and all the others will do their best and move fast to release ICS smartphones and updates for the ones currently on the market. Ice Cream Sandwich is the latest and probably the biggest Android update, which unites all devices into one OS and promises a lot of improvements, like speed and battery life. It also comes with exciting new features and an all-new design. It will probably boost Android’s sales even more.


Skype 2.0 for Android Released and Also Hacked


It was only yesterday when Skype 2.0 for Android was released, but the latest version of the popular instant messenger has already been hacked to allow video calls to be made over Wi-Fi or 3G/4G using non-supported devices as well. Thanks to that, it is not only Google Nexus S, HTC Desire S, Sony Ericsson Xperia neo and Xperia pro owners who can enjoy Skype's newly-added and long-anticipated feature.
The hacked Skype 2.0 version has been intended to run on the Samsung Galaxy S II, and our test showed that it works without a hitch. However, the program has been successfully tried out on a number of other smartphones and tablets. So far, the list of devices that reportedly run the unofficial Skype


BackTrack 5 ‘Revolution’ release ups the penetration testing ante


BackTrack, the GNU/Linux distribution focused on digital forensics and penetration testing, has a new version out, with the public release (on May 10) of BackTrack 5, code-named Revolution, by the BackTrack development team. BackTrack focuses primarily on providing a native environment purely dedicated to hacking. This latest distro was eight months in the making, and boasts significant improvements over its predecessor.
BackTrack 5 features a comprehensive arsenal of over 350 security-related tools to test everything from Web applications to RFID systems. The new version of BackTrack lives up to its “Revolution” moniker in that it has been completely overhauled and rewritten from the ground up, providing users with an optimized platform for penetration testing and digital forensics exercises. For the first time in its development road map, BackTrack now includes support for ARM-based systems, a significant upgrade.

BackTrack 5 features

A major addition in the new version of BackTrack is the 64-bit offering. BackTrack 5 is based on Ubuntu Lucid Lynx v10.04, the latest long term support (LTS) release using Linux kernel v2.6.38. BackTrack 5 is the first version to be released with the complete source code in its repositories. This addition is expected to clear up licensing issues that existed in the previous Backtrack distros. BackTrack 4 is no longer available for download at the developer’s Website, and support for it has officially been discontinued.
Here is a more detailed look at important features of BackTrack 5.
  • Support for KDE and Gnome
BackTrack 5 boasts of support for KDE Plasma (4.6), Gnome (2.6) and Fluxbox. This makes it much simpler to migrate from Gnome-based distributions. Unifying the desktop environment has the added advantage of an easier learning curve for new users. Streamlined images for each desktop environment (DE) are available on the backtrack website. Tool integration with supported environments is seamless with DE-specific menu structures. However, while Gnome has a smaller memory footprint and is less resource hungry, the Gnome versions lack default package managers, which need to be added separately.
KDE plasma desktop used in BackTrack 5

  • 32-bit and 64-bit support
The addition of 64-bit support in BackTrack 5 makes it possible to tap additional power for processor-intensive tasks such as brute force password cracking. The 32-bit and 64-bit images support various boot modes, including a “Stealth” mode that boots without generating network traffic and a “Forensics” mode for forensic purposes.
  • ARM architecture support
An ARM image of BackTrack 5 is available, having officially been tested on the Motorola Xoom tablet and the Motorola Atrix 4G smart phone by the developers. Custom chroot scripts are already available to run BackTrack 5 on Android systems with ARM processors.
Users have successfully deployed BackTrack 5 on Samsung Galaxy S and Sony Xperia smart phones. However, there are still some issues with these systems and not all features are available. There are known issues with wireless drivers on ARM-based systems, including lack of support for WiFi packet injection.

BackTrack 5 on a Motorola Atrix 4G
Anant Srivastava, a Mumbai-based software developer and member of the null community, was one of the first to successfully run BackTrack 5 on a Sony Xperia X10. Srivastava used a rooted Xperia x10 running Android 2.2 (Froyo) with an Android terminal application and an Android VNC viewer.


  • Packaged tools
BackTrack 5’s arsenal of tools has been upgraded to the latest versions. BackTrack 5 comes preloaded with tools for LAN and WLAN sniffing, vulnerability scanning, digital forensics and password cracking. The Metasploit exploit framework v3.7.0 has been packaged into BackTrack 5. The tools are organized into a comprehensive menu structure, streamlined to comply with the PTES and OSSTMM standards.

Conclusion

BackTrack 5 promises to surpass previous versions in terms of functionality and stability. However, users have raised concerns over the discontinued support for Ubuntu repositories. BackTrack 5 instead uses its own repositories, which have been benchmarked to work with its tools. The BackTrack 5 team justified this move by highlighting performance concerns when the custom features of BackTrack’s tools are used with other repositories, including corruption of the installation. There is no official support for any repository other than that which is provided by the developers.




Adobe releases Flash Player 10.3 update for Windows, Mac, Linux and Android



Adobe has released the latest update for Flash Player, version 10.3. The update works with all Flash-enabled platforms, including Windows, Mac OS, Linux and Android, with support for the most recent 3.1 update to Honeycomb. You can nab the download on the web at Adobe.com or through Android Market on your mobile device.

The latest Flash update is all about squashing bugs and making things work more smoothly. On the Android side, that means NEON optimizations for OMAP4-based devices (pretty much just the BlackBerry PlayBook for now), various fixes for the Samsung Galaxy S, HTC EVO and some Motorola devices and some optimizations for Android 3.0+. All of the fixes are detailed on Adobe’s Android patch notes page. There are a variety of fixes on the non-mobile side as well, along with a handful of new features.
In addition to some new developer tools for measuring video and acoustic echo cancellation, there are also now new controls for managing local storage that have been integrated directly into your browser’s privacy settings, with support for Mozilla Firefox 4, Microsoft Internet Explorer 8 and higher, Google Chrome 11 and “a future release of Apple Safari.” The update also adds a dedicated Flash Player Settings Manager to Control Panels/System Preferences on Windows, Mac and Linux computers, and auto-updated notifications for Mac OS. 