Researchers: ‘Critical Vulnerability’ in Samsung’s Knox-Secured Phones

Samsung’s Knox mobile security solution for smartphones like the best-selling Galaxy S4 has a “critical vulnerability” which could enable “easy interception of data communications,” according to researchers at Israel’s Ben-Gurion University (BGU) of the Negev. The university said earlier this week that the “vulnerability was uncovered by Ph.D. student Mordechai Guri during an unrelated research task.” The BGU discovery of the vulnerability in Knox was first reported by The Wall Street Journal. “To us, Knox symbolizes state-of-the-art in terms of secure mobile architectures and I was surprised to find that such a big ‘hole’ exists and was left untouched,” Guri said. Knox, built on TrustZone security technology available for ARM processor cores, adds a “secure container” to a regular mobile phone environment for protected data and communications activity to take place. It is supposed to protect all the data within the secure container even if malware has infected the non-secure section of the mobile device. “However, the newly found breach can be used to bypass all Knox security measures. By simply installing an ‘innocent’ app on the regular phone (in the non-secure container) all communications from the phone can be captured and exposed,” researchers in BGU’s Cyber Security Labs said…. Read full this story

• Qualcomm chip vulnerability found in millions of Google, Samsung, and LG phones
• Samsung: Four Years of Security Updates for Galaxy Devices | Digital Trends
• Samsung issues urgent alert to all Galaxy owners - check for this Android update NOW
• Samsung Galaxy Note20 Ultra Review: You May Not Need It, Which Is Exactly Why You Must Have It
• Patch issued to tackle critical security issues present in Dell driver software since 2009
• Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched
• Apple patches macOS Gatekeeper bypass vulnerability exploited in the wild
• Cisco publishes solutions to SD-WAN and HyperFlex software security vulnerabilities
• The Race to Secure Voting Tech Gets an Urgent Jumpstart
• Critical entities targeted in suspected Chinese cyber spying

Researchers: 'Critical Vulnerability' in Samsung's Knox-Secured Phones have 320 words, post on in.pcmag.com at December 26, 2013. This is cached page on Vietnam Dance. If you want remove this page, please contact us.