Security News

The attack doesn't exploit any flaw in the Voice over LTE protocol; instead, it leverages weak implementation of the LTE mobile network by most telecommunication providers in practice, allowing an attacker to eavesdrop on the encrypted phone calls made by targeted victims. Thus, the new ReVoLTE attack exploits the reuse of the same keystream by vulnerable base stations, allowing attackers to decrypt the contents of VoLTE powered voice calls in the following scenario.

New research disclosed a string of severe security vulnerabilities in the 'Find My Mobile'-an Android app that comes pre-installed on most Samsung smartphones-that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data stored on the phone. Portugal-based cybersecurity services provider Char49 revealed its findings on Samsung's Find My Mobile Android app at the DEF CON conference last week and shared details with the Hacker News.

Tens of researchers showcased their work last week at the DEF CON hacking conference. They presented research on hacking phones, cars, satellite communications, traffic lights, smart home devices, printers, and popular software services, among many others.

The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "More than 500 mobile applications." Through that SDK, the company collects location data from users, which it then sells. Anomaly Six is a federal contractor that provides global-location-data products to branches of the U.S. government and private-sector clients.

A series of vulnerabilities affecting Samsung's Find My Mobile could have been chained to perform various types of activities on a compromised smartphone, a researcher from Portugal-based cybersecurity services provider Char49 revealed at the DEF CON conference on Friday. Find My Mobile is designed to help users find lost Samsung phones.

DEF CON In July, the makers of millions of smartphones powered by Qualcomm's Snapdragon system-on-chips received mitigation recommendations to address a bevy of security flaws in their products, all introduced by Qualcomm's technology. Technical details have been withheld from the public to give gadget makers time to implement and roll out Qualcomm's fixes, which will take time.

Vulnerabilities were found in a Qualcomm Snapdragon chip that could let attackers obtain photos, videos, call recordings, and other data on Android phones, says Check Point Research. A new report by cyber threat intelligence provider Check Point Research explains how vulnerabilities found in a chip in many Android phones could allow hackers to spy on users.

The US Senate voted Thursday to bar TikTok from being downloaded onto US government employees' telephones, intensifying US scrutiny of the popular Chinese-owned video app. President Donald Trump, who has locked horns with China on a range of issues including trade and the coronavirus pandemic, has set a deadline of mid-September for TikTok to be acquired by a US firm or be banned in the United States.

An encrypted BlackBerry device that was cracked five years after it was first seized by police is poised to be the key piece of evidence in one of the state's longest-running drug importation investigations. In April, new technology "Capabilities" allowed authorities to probe the encrypted device.

Twitter has confirmed that the breach of several high-profile accounts that occurred on July 15 was caused by a phone spear phishing attack that targeted a small number of employees. Using the credentials of the affected employees, the attackers managed to compromise 130 different Twitter accounts, including those of Bill Gates, Jeff Bezos, Elon Musk, Joe Biden, and Barack Obama, according to Twitter.