Monday, March 4, 2024

Cybersecurity and Your Phone Today

Recently, Samsung has rolled out security updates for its mobile devices to fix some critical security vulnerabilities. Samsung has published the official changelog mentioning many of the vulnerabilities of all the latest over-the-air. This is particularly important when youwant to sell an old mobile phone. This security update has many vulnerability patches that fix all sorts of critical vulnerabilities in many versions of Android Operating Systems. Among all the vulnerabilities, the most affecting one was CVE-2020-0240. It is a remote code execution vulnerability produced by an ‘integer overflow’ bug in the Android Operating System.

According to researchers, this vulnerability would enable a remote attacker to gain full authority over your device. Experts have advised all the users to update their android devices instantly so that they can safeguard themselves against these bugs and secure their devices fully. Users have also been advised to make sure that their devices’ ‘auto-update’ settings have been enabled.

Some Background Information

Cybersecurity is the term used to describe protection of computer systems and networks from the theft of or damage to their hardware, software or electronic data, as well as from the disruption or misdirection of the services they provide. The term can also be known as computer security or Information Technology Security. This field is becoming increasingly important due to increased reliance on computer systems, the internet, the wireless network standards such as Bluetooth and Wi-fi, and due to the growth of smart devices, including smart phones, televisions and the various devices that constitute the ‘internet of things’. Owing to its complexity, cybersecurity is also one of the major challenges in today’s world. Cybersecurity is meant to address the issues of vulnerabilities.

A vulnerability is a weakness in design, implementation, operation or internal control. Most of the vulnerabilities that have been discovered are documented in the Common Vulnerabilities and Exposures (CVE) database as have been mentioned earlier. Examples include:

Backdoor: This is any secret method of bypassing normal authentication or security controls. They may exist for a number of reasons, including by original design or from poor configuration. They may have been added by an authorized party to allow some legitimate access, or by an attacker for malicious reasons; but regardless of the motives for their existence, they create a vulnerability. Backdoors can be very difficult to detect and detection of backdoors are usually discovered by someone who has access to application source code or intimate knowledge of the computer’s Operating System.

Denial-of-service Attack: DDOS is designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim’s account to be locked, or they may overload the capabilities of a machine or network and block all users at once.

Direct-access Attacks: This is a situation whereby an unauthorized user gains physical access to a computer which is most likely able to directly copy data from it. They may also compromise security by making operating system modifications, installing software worms, keyloggers, covert listening devices or using wireless mice. Even when the system is protected by standard security measures, these may be able to be bypassed by booting another operating system or tool from a CD-ROM or other bootable media. Disc encryption and Trusted Platform Modules are designed to prevent these attacks.

Eavesdropping: This is the act of surreptitiously listening to a private computer ‘conversation’ (communication), typically between hosts on a network. For instance, programs such as Carnivore and NarusInSight have been used by FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate as a closed system (i.e. with no contact to the outside world) can be monitored using faint electromagnetic transmissions generated by the hardware; TEMPEST is a specification by the NSA referring to these attacks.

Needless to say, people who frequently trade in old mobile phones must understand the security risk involved. Also, businesses that are into mobile phone recycling should educate their customers on what they must do before bringing in their phones.

Multi-vector, Polymorphic Attacks: Surfacing in 2017, a new class of multi-vector, polymorphic cyber threats surfaced that combined several types of attacks and changed form to avoid cybersecurity controls as they spread. These threats have been classified as fifth-generation cyberattacks.

Other vulnerabilities include Phishing, Privilege escalation, Reverse Engineering, Social Engineering, Spoofing and Tampering. 

And as you may already know, your phone is usually the most common device that could expose you to cybersecurity breaches. It means you have to be careful with your mobile device whether you are trying to buy an iPhone or sell one.

When I wanted to sell my mobile phone, I set out to take care of any possible loophole in the device. It is very important that these cybersecurity checks are put in place to avoid making your private information available for unauthorized usage. This is the reason it is necessary to return your old mobile phones to factory setting before proceeding to dispose of them.


Latest articles

US Court Orders NSO Group to Handover Code for Spyware, Pegasus to WhatsApp

Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019....

New SSO-Based Phishing Attack Trick Users into Sharing Login Credentials  

Threat actors employ phishing scams to trick individuals into giving away important details like...

U.S. Charged Iranian Hacker, Rewards up to $10 Million

The United States Department of Justice (DoJ) has charged an Iranian national, Alireza Shafie...

Huge Surge in Ransomware-as-a-Service Attacks targeting Middle East & Africa

The Middle East and Africa (MEA) region has witnessed a surge in ransomware-as-a-service (RaaS)...

New Silver SAML Attack Let Attackers Forge Any SAML Response To Entra ID

SolarWinds cyberattack was one of the largest attacks of the century in which attackers...

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...

20 Million+ Cutout.Pro User Records Leaked On Hacking Forums

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach,...

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles