Security News

On the third day of Pwn2Own, contestants hacked the Samsung Galaxy S22 a fourth time since the start of the competition, and this time they did it in just 55 seconds. This earned them $25,000, 50% of the total cash award, as this was the fourth time the Galaxy S22 was hacked during the Pwn2Own Toronto 2022 contest.

Contestants hacked the Samsung Galaxy S22 again during the second day of the consumer-focused Pwn2Own 2022 competition in Toronto, Canada. They executed an improper input validation attack and earned $25,000, 50% of the total cash award, because this was the third time the Galaxy S22 was hacked during the competition.

Contestants have hacked the Samsung Galaxy S22 smartphone twice during the first day of the Pwn2Own Toronto 2022 hacking competition, the 10th edition of the consumer-focused event. [...]

A now-patched security flaw has been disclosed in the Galaxy Store app for Samsung devices that could potentially trigger remote command execution on affected phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a cross-site scripting bug that occurs when handling certain deep links.

At the Samsung Developer Conference 2022, the company also discussed its plans for personalized experiences, security and privacy. The post Samsung unveils latest features for smartphones, smart...

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.

Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones. As first reported by BleepingComputer, the data extortion group Lapsus$ leaked at the end of last week close to 190GB of archives claiming to have been stolen from Samsung Electronics.

A group of academics from Tel Aviv University have disclosed details of now-patched "Severe" design flaws in Android-based Samsung smartphones that could have resulted in the extraction of secret cryptographic keys. The shortcomings are the result of an analysis of the cryptographic design and implementation of Android's hardware-backed Keystore in Samsung's Galaxy S8, S9, S10, S20, and S21 flagship devices, researchers Alon Shakevsky, Eyal Ronen, and Avishai Wool said.

Samsung's official Android app store, called the Galaxy Store, has had an infiltration of riskware apps that triggered multiple Play Protect warnings on people's devices. Scammers bet on the popularity of the pirate app, and indeed their cloned apps enjoyed a welcoming reception by the Samsung user community.

Trend Micro's ZDI has awarded $1,081,250 for 61 zero-days exploited at Pwn2Own Austin 2021, with competitors successfully pwning the Samsung Galaxy S21 again and hacking an HP LaserJet printer to play AC/DC's Thunderstruck on the contest's third day. Sam Thomas from team Pentest Limited was the one who compromised the Samsung Galaxy S21 running the latest Android 11 security updates on the third day using a unique three-bug chain and earning $50,000.