Recently, Samsung has rolled out security updates for its mobile devices to fix some critical security vulnerabilities. Samsung has published the official changelog mentioning many of the vulnerabilities of all the latest over-the-air. This is particularly important when youwant to sell an old mobile phone. This security update has many vulnerability patches that fix all sorts of critical vulnerabilities in many versions of Android Operating Systems. Among all the vulnerabilities, the most affecting one was CVE-2020-0240. It is a remote code execution vulnerability produced by an ‘integer overflow’ bug in the Android Operating System.
According to researchers, this vulnerability would enable a remote attacker to gain full authority over your device. Experts have advised all the users to update their android devices instantly so that they can safeguard themselves against these bugs and secure their devices fully. Users have also been advised to make sure that their devices’ ‘auto-update’ settings have been enabled.
Some Background Information
Cybersecurity is the term used to describe protection of computer systems and networks from the theft of or damage to their hardware, software or electronic data, as well as from the disruption or misdirection of the services they provide. The term can also be known as computer security or Information Technology Security. This field is becoming increasingly important due to increased reliance on computer systems, the internet, the wireless network standards such as Bluetooth and Wi-fi, and due to the growth of smart devices, including smart phones, televisions and the various devices that constitute the ‘internet of things’. Owing to its complexity, cybersecurity is also one of the major challenges in today’s world. Cybersecurity is meant to address the issues of vulnerabilities.
A vulnerability is a weakness in design, implementation, operation or internal control. Most of the vulnerabilities that have been discovered are documented in the Common Vulnerabilities and Exposures (CVE) database as have been mentioned earlier. Examples include:
Backdoor: This is any secret method of bypassing normal authentication or security controls. They may exist for a number of reasons, including by original design or from poor configuration. They may have been added by an authorized party to allow some legitimate access, or by an attacker for malicious reasons; but regardless of the motives for their existence, they create a vulnerability. Backdoors can be very difficult to detect and detection of backdoors are usually discovered by someone who has access to application source code or intimate knowledge of the computer’s Operating System.
Denial-of-service Attack: DDOS is designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victim’s account to be locked, or they may overload the capabilities of a machine or network and block all users at once.
Direct-access Attacks: This is a situation whereby an unauthorized user gains physical access to a computer which is most likely able to directly copy data from it. They may also compromise security by making operating system modifications, installing software worms, keyloggers, covert listening devices or using wireless mice. Even when the system is protected by standard security measures, these may be able to be bypassed by booting another operating system or tool from a CD-ROM or other bootable media. Disc encryption and Trusted Platform Modules are designed to prevent these attacks.
Eavesdropping: This is the act of surreptitiously listening to a private computer ‘conversation’ (communication), typically between hosts on a network. For instance, programs such as Carnivore and NarusInSight have been used by FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate as a closed system (i.e. with no contact to the outside world) can be monitored using faint electromagnetic transmissions generated by the hardware; TEMPEST is a specification by the NSA referring to these attacks.
Needless to say, people who frequently trade in old mobile phones must understand the security risk involved. Also, businesses that are into mobile phone recycling should educate their customers on what they must do before bringing in their phones.
Multi-vector, Polymorphic Attacks: Surfacing in 2017, a new class of multi-vector, polymorphic cyber threats surfaced that combined several types of attacks and changed form to avoid cybersecurity controls as they spread. These threats have been classified as fifth-generation cyberattacks.
Other vulnerabilities include Phishing, Privilege escalation, Reverse Engineering, Social Engineering, Spoofing and Tampering.
