Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Black Hat 2015: Vulnerability enables complete takeover of any Android device

Researchers with Check Point have identified a vulnerability - dubbed Certifi-gate - that can enable an attacker to take over practically any device running the popular mobile operating system. 

Avi Bashan, technology leader at Check Point, and Ohad Bobrov, mobile threat prevention manager at Check Point, presented their findings during a session at Black Hat USA 2015 in Las Vegas. They explained that the issue is in the architecture of popular mobile Remote Support Tools used by practically all device manufacturers and network service providers.

Bashan discussed the issue and demonstrated a potential attack in a video for SCMagazine.com. In the demonstration, Bashan showed how he can control any function on the victim's Android device from his laptop. Additionally, he showed how he can monitor any actions taken by a user. 

Related

Security concerns curb open source utilization

Open source software utilization has been scaled back by nearly 40% of industry professionals due to security concerns, with more than 50% reducing open source usage following the emergence of the widespread Log4j vulnerability, The Register reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.