Never miss a story

Get subscribed to our newsletter


×
A French soldier watches code lines on his computer during the International Cybersecurity forum in Lille, northern France, Jan. 23, 2018. VOA

A security flaw in Samsung, LG, Sony, Huawei and other Android smartphones has been discovered that leaves users vulnerable to advanced SMS phishing attacks, Check Point Research — the threat intelligence arm of cybersecurity firm Check Point Software Technologies Ltd. said on Thursday.

Researchers at the cybersecurity firm said certain Samsung phones are the most vulnerable to this form of phishing attack because they do not have an authenticity check for senders of Open Mobile Alliance Client Provisioning (OMA CP) messages.


“Given the popularity of Android devices, this is a critical vulnerability that must be addressed. Without a stronger form of authentication, it is easy for a malicious agent to launch a phishing attack through over-the-air (OTA) provisioning.

“When the user receives an OMA CP message, they have no way to discern whether it is from a trusted source. By clicking ‘accept’, they could very well be letting an attacker into their phone,” Slava Makkaveev, Security Researcher, Check Point Software Technologies, said in a statement.

The affected Android phones use OTA provisioning, through which cellular network operators can deploy network-specific settings to a new phone joining their network.


FILE – A worker sits a computer at the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) in Arlington, Va., Aug. 22, 2018. VOA

However, researchers at Check Point found that the industry standard for OTA provisioning — the OMA CP, includes limited authentication methods and remote agents can exploit this to pose as network operators and send deceptive OMA CP messages to users.

The message tricks users into accepting malicious settings that route their Internet traffic through a proxy server owned by the hacker.

Also Read: Lenovo Launches Three New Smartphones in India

The findings were disclosed to the affected vendors in March; Samsung included a fix addressing this phishing flaw in their Security Maintenance Release for May (SVE-2019-14073), LG released their fix in July (LVE-SMP-190006), and Huawei is planning to include UI fixes for OMA CP in the next generation of Mate series or P series smartphones.

However, Sony refused to acknowledge the vulnerability, stating that their devices follow the OMA CP specification. (IANS)


Popular

Photo by Luca Bravo on Unsplash

When transitioning to tech, some communication, innovation, research, and analytical skills come in very handy.

By- Sebastian Miller

When transitioning to the tech world. One of the scariest things can be the fear of living up to the task. It is because you feel like you do have the right skills for the job. But this should not be the case. If you have worked before in any other field outside of tech, you most definitely have skills that you can use. These skills might not all be relevant for the tech job, but some of them might come in handy. When you are transferring to a tech job, the first thing to focus on is transferable skills. The good thing is that some skills span through different fields, and if a candidate has them, they are desirable. To add to this, we have technical skills. These skills are easier to learn compared to other skills. When transitioning to tech, some communication, innovation, research, and analytical skills come in very handy. These skills will give you an edge when getting into the tech world. According to professional dissertation writer, these are the most important skills hat can help you get an edge when applying to jobs that are in tech:

Keep Reading Show less

The IAS exam is conducted by the Union Public Service Commission (UPSC) to appoint the most deserving candidates for IAS, IPS, IFS, and other respected positions.

By- Collegedunia

The majority of candidates writing the UPSC exam have only one goal in mind, to become an IAS officer. The Indian Administrative Service (IAS) is one of the most sought-after careers that gives the golden chance of serving the nation.

Keep Reading Show less
Unsplash

Interestingly, 63% of the overall registrations in the training were made by women learners from Delhi, Mumbai, Bangalore, Pune, and Hyderabad.

By- Sunidhi Beeliya

Internshala Trainings, the e-learning arm of Internshala, recently brought out a report highlighting the inclination of young graduates towards learning professional communication skills. The platform has registered a massive increase of 90% in the number of enrollments, in communication skills training, within the past 1 year.

Keep reading... Show less