Get a Pentest and security assessment of your IT network.

News

Researchers find another Android attack that can get past signature checks

A second vulnerability that can be exploited to modify legitimate Android apps without breaking their digital signatures has been identified. The flaw is different from the so-called “masterkey” vulnerability announced last Wednesday. Android records the digital signature of an application when it is first installed and a sandbox is created for it. The new vulnerability allows attackers to inject code into files that exist in APKs, specifically in their headers, in a way that bypasses the signature verification process. Attackers can trick users into installing fake updates for their already installed applications that would get access to potentially sensitive data.”]

Source: https://www.csoonline.com/article/2133679/researchers-find-another-android-attack-that-can-get-past-signature-checks.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Who and why is attacking companies in the Nordic Countries?

News

Shamoon Malware, cyber espionage tool, cyber weapon or