Tag Archive: Vulnerability

OnePlus 6 bootloader vulnerability makes phone comically easy to hack

Flaw allows a modified boot image to load and grant complete admin control to anyone with the know-how.

The OnePlus 6 is a really great phone for not a lot of money. It’s easy to see why anyone would want to buy one, and if you recently pick one up, you need to be aware of a new exploit that could give the right person complete control over your device.

First reported at XDA Developers, president of  [Read More…]

These are all the Android devices updated to fix KRACK Wi-Fi vulnerability

If you want to keep your info safe in the post-KRACK world, these are the Android devices you need to be using.

In October 2017, a big vulnerability with the WPA2 Wi-Fi standard was discovered. Referred to as KRACK, this is a vulnerability that essentially makes open season on all your personal data when connected to a Wi-Fi network using WPA2.

You can find all of the information about KRACK in Jerry’s guide here, but when talking  [Read More…]

Let’s talk about Blueborne, the latest Bluetooth vulnerability

Because you need to know what’s up and what to do about it.

We got to see something cool and terrible (yes, it’s possible to be both at the same time) earlier this week when Armis Security published the details of a new Bluetooth exploit. Called “Blueborne,” the exploit allows a person with the right tools and who is within Bluetooth range of your smart thing — laptop, phone, car, or anything else that runs Android (as  [Read More…]

Google awards $10,000 prize to student who reported big security vulnerability

A bored student from Uruguay recently hit jackpot as he tried to find ways to pass the time. As Ezequiel Pereira himself explains in a blog post, he started to look for a bug in Google. At first he tried changing the Host header in requests to the App Engine server in order to gain […]

Identify critical vulnerability in Qualcomm’s Snapdragon chips and win $15,000

Qualcomm just introduced its top of the line next-gen chipset Snapdragon 835 earlier this week. Now the company announced a new bug bounty program that invites white hat hackers to identify vulnerabilities in its Snapdragon chips and LTE modems. Qualcomm is offering prizes up to $ 15,000 to those who successfully identify a bug (or more).

LG V10 has a vulnerability in fingerprint security

The LG V10 seems to have a significant security vulnerability not shared by other devices with fingerprint readers. The bad news is that someone can add their fingerprint to your V10 without a PIN. The good news is that you have to unlock it for them first.

If someone gets their hands on your locked phone, they won’t be able to access it. But if you give it to them unlocked, to make a phone call or show off  [Read More…]

Google’s Vulnerability Reward Program paid out more than $2 million in 2015

Google has released a quick overview of its Vulnerability Reward Program in 2015, showing that the company paid out more than $ 2 million to security researchers throughout the year. Google also revealed that the program, which rewards researchers with payments for discovering vulnerabilities in Google services, has also rewarded more than $ 6 million in total since its launch in 2010.

Interestingly, Google says that Android researchers were paid more than $ 200,000 after the mobile  [Read More…]

What you need to know about the CONFIG_KEYS Linux kernel vulnerability

A new security issue (CVE-2016-0728 for those who like to keep track of these things) was announced on January 14 by Perception Point, a security research team. The bug affects kernels compiled with the CONFIG_KEYS kernel configuration switch set to “on,” and has been present in all Linux kernels since version 3.8. The exploit allows root escalation by cycling a 32-bit integer back to zero. Perception point claims that “approximately tens of millions of Linux PCs and  [Read More…]

Seagate rolls out firmware update to address vulnerability of select portable drives

Should you be the owner of the Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie Fuel portable wireless drives, you’ll want to check the official website for details on downloading new firmware. A security vulnerability has been discovered on the drives that could potentially expose data to malicious attacks.

[Read More…]

OnePlus rolls out OxygenOS 1.0.2 update to address ‘Stagefright’ vulnerability

OxygenOS version 1.0.2 has just been released to the public. OnePlus has provided the means to flash the update, which is set to address the “Stagefright” vulnerability that could lead to your phone becoming compromised.