Wednesday, May 7, 2025
HomeCyber AttackCybersecurity and Your Phone Today

Cybersecurity and Your Phone Today

Published on

SIEM as a Service

Follow Us on Google News

Recently, Samsung has rolled out security updates for its mobile devices to fix some critical security vulnerabilities. Samsung has published the official changelog mentioning many of the vulnerabilities of all the latest over-the-air. This is particularly important when youwant to sell an old mobile phone. This security update has many vulnerability patches that fix all sorts of critical vulnerabilities in many versions of Android Operating Systems. Among all the vulnerabilities, the most affecting one was CVE-2020-0240. It is a remote code execution vulnerability produced by an ‘integer overflow’ bug in the Android Operating System.

According to researchers, this vulnerability would enable a remote attacker to gain full authority over your device. Experts have advised all the users to update their android devices instantly so that they can safeguard themselves against these bugs and secure their devices fully. Users have also been advised to make sure that their devices’ ‘auto-update’ settings have been enabled.

Some Background Information

Cybersecurity is the term used to describe protection of computer systems and networks from the theft of or damage to their hardware, software or electronic data, as well as from the disruption or misdirection of the services they provide. The term can also be known as computer security or Information Technology Security. This field is becoming increasingly important due to increased reliance on computer systems, the internet, the wireless network standards such as Bluetooth and Wi-fi, and due to the growth of smart devices, including smart phones, televisions and the various devices that constitute the ‘internet of things’. Owing to its complexity, cybersecurity is also one of the major challenges in today’s world. Cybersecurity is meant to address the issues of vulnerabilities.

- Advertisement - Google News

A vulnerability is a weakness in design, implementation, operation or internal control. Most of the vulnerabilities that have been discovered are documented in the Common Vulnerabilities and Exposures (CVE) database as have been mentioned earlier. Examples include:

Backdoor: This is any secret method of bypassing normal authentication or security controls. They may exist for a number of reasons, including by original design or from poor configuration. They may have been added by an authorized party to allow some legitimate access, or by an attacker for malicious reasons; but regardless of the motives for their existence, they create a vulnerability. Backdoors can be very difficult to detect and detection of backdoors are usually discovered by someone who has access to application source code or intimate knowledge of the computer’s Operating System.

Denial-of-service Attack: DDOS is designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim’s account to be locked, or they may overload the capabilities of a machine or network and block all users at once.

Direct-access Attacks: This is a situation whereby an unauthorized user gains physical access to a computer which is most likely able to directly copy data from it. They may also compromise security by making operating system modifications, installing software worms, keyloggers, covert listening devices or using wireless mice. Even when the system is protected by standard security measures, these may be able to be bypassed by booting another operating system or tool from a CD-ROM or other bootable media. Disc encryption and Trusted Platform Modules are designed to prevent these attacks.

Eavesdropping: This is the act of surreptitiously listening to a private computer ‘conversation’ (communication), typically between hosts on a network. For instance, programs such as Carnivore and NarusInSight have been used by FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate as a closed system (i.e. with no contact to the outside world) can be monitored using faint electromagnetic transmissions generated by the hardware; TEMPEST is a specification by the NSA referring to these attacks.

Needless to say, people who frequently trade in old mobile phones must understand the security risk involved. Also, businesses that are into mobile phone recycling should educate their customers on what they must do before bringing in their phones.

Multi-vector, Polymorphic Attacks: Surfacing in 2017, a new class of multi-vector, polymorphic cyber threats surfaced that combined several types of attacks and changed form to avoid cybersecurity controls as they spread. These threats have been classified as fifth-generation cyberattacks.

Other vulnerabilities include Phishing, Privilege escalation, Reverse Engineering, Social Engineering, Spoofing and Tampering. 

And as you may already know, your phone is usually the most common device that could expose you to cybersecurity breaches. It means you have to be careful with your mobile device whether you are trying to buy an iPhone or sell one.

When I wanted to sell my mobile phone, I set out to take care of any possible loophole in the device. It is very important that these cybersecurity checks are put in place to avoid making your private information available for unauthorized usage. This is the reason it is necessary to return your old mobile phones to factory setting before proceeding to dispose of them.

Latest articles

BFDOOR Malware Targets Organizations to Establish Long-Term Persistence

The BPFDoor malware has emerged as a significant threat targeting domestic and international organizations,...

Uncovering the Security Risks of Data Exposure in AI-Powered Tools like Snowflake’s CORTEX

As artificial intelligence continues to reshape the technological landscape, tools like Snowflake’s CORTEX Search...

UNC3944 Hackers Shift from SIM Swapping to Ransomware and Data Extortion

UNC3944, a financially-motivated threat actor also linked to the group known as Scattered Spider,...

Over 2,800 Hacked Websites Targeting MacOS Users with AMOS Stealer Malware

Cybersecurity researcher has uncovered a massive malware campaign targeting MacOS users through approximately 2,800...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Popular Instagram Blogger’s Account Hacked to Phish Users and Steal Banking Credentials

A high-profile Russian Instagram blogger recently fell victim to a sophisticated cyberattack, where scammers...

Ransomware Attacks on Food & Agriculture Industry Surge 100% – 84 Attacks in Just 3 Months

The food and agriculture industry is facing an unprecedented wave of cybersecurity threats in...

Hackers Targeting Schools and Universities in New Mexico with Cyber Attacks

A major cyberattack on the Coweta County School System's computer network occurred late Friday night, which is a worrying development for New Mexico's educational institutions. The unauthorized intrusion, detected around 7:00 p.m., prompted immediate action from the school...