Security News
Samsung today committed to provide its enterprise-edition flagships with half a decade's worth of security updates. The eligible devices include the enterprise versions of the Galaxy S20 series, the Galaxy S21 series, the Galaxy Note 20 series, the ruggedised Galaxy XCover 5, and the Galaxy Tab Active 3.
Western Digital announced its second-generation UFS 3.1 storage solution for 5G smartphones. The new Western Digital iNAND MC EU551 delivers the high-performance storage consumers need to be able to use their phones for emerging applications like ultra-high-resolution cameras, AR/VR, gaming and 8K video.
5G business smartphone shipments will grow at a CAGR of 28% over the 2021-2026 forecast period, according to a Strategy Analytics forecast. Worldwide BYOD 5G smartphone shipments will increase by 187% YoY, and corporate-liable shipments will increase by 649% YoY from 2020.
A heap overflow vulnerability in Qualcomm's Snapdragon 855 system-on-chip modem firmware, used in Android devices, could be exploited by baddies to run arbitrary code on unsuspecting users' devices, according to Check Point. The software bug, tracked as CVE-2020-11292, can be abused to trigger a heap overflow in devices that use a Qualcomm Mobile Station Modem chip, thanks to some in-depth jiggery-pokery in the Qualcomm MSM Interface voice service API. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations," said some not-at-all-excitable researchers from Israeli security firm Check Point in a blog post today.
South Korean tech giant LG this week announced that it will continue to provide operating system updates to users of its premium Android smartphones, for up to three years. On Thursday, the company announced that it will continue to provide platform updates for all premium LG smartphones that are currently in use.
A new report, Personal Data, Privacy & Smartphones: The Cautious Consumer analyzes what smartphone owners think of the upcoming Apple Identifier for Advertisers opt-in requirement and the use of their data. Smartphone owners are not in agreement-partially due to the inexact wording and understanding-of how their data should be navigated by app developers and content providers.
Some 5G networks are at risk of attack thanks to "Long-standing vulnerabilities" in core protocols, according to infosec researchers at Positive Technologies. "The stack of technologies in 5G potentially leaves the door open to attacks on subscribers and the operator's network. Such attacks can be performed from the international roaming network, the operator's network, or partner networks that provide access to services," the biz said.
The American Civil Liberties Union has sued the US government, claiming Homeland Security agents trampled over people's constitutional rights - by buying phone location data from commercial brokers rather than getting necessary search warrants. "These practices raise serious concerns that federal immigration authorities are evading Fourth Amendment protections for cell phone location information by paying for access instead of obtaining a warrant," the ACLU said in a statement this week.
Smartphones and the rise of IoT. Relying on the ubiquity of smartphones and the rise of remote controls, users and vendors alike have embraced the move away from physical device interfaces. The communication between an IoT device and its app is often not properly encrypted nor authenticated - and these issues enable the construction of exploits to achieve remote control of victim's devices.
Cyan Forensics announced a new partnership with Susteen, the California-based developer of mobile forensic tools. Founded in 2016, Cyan Forensics' technology for scanning computers is already used by the Home Office Child Abuse Image Database system and policing across the UK for offences relating to Child Sexual Abuse Material, and is deployed with counter terror policing in the UK and Europe.