Android September 2018 Patches Fix Critical Flaws

The September 2018 Android Security Bulletin is split into two parts, the 2018-09-01 security patch level, which resolves 24 bugs, and the 2018-09-05 security patch level, which addresses a total of 35 bugs. Five of the vulnerabilities patched with the 2018-09-01 security patch level were rated Critical severity. Three of these are elevation of privilege…

Most Android devices lack latest security patches

Nearly three-quarters of Android devices on the five biggest U.S. carriers are running on security patches that are at least two months old, putting them at greater risk of being hacked. That finding was made in an analysis released Thursday by Skycure, a mobile threat defense vendor. The report also found that the city of Boston…

Android Vulnerabilities: Attacking Nexus 6 and 6P Custom Boot Modes

In recent months, the X-Force Application Security Research Team has discovered several previously undisclosed Android vulnerabilities. The November 2016 and January 2017 Android Security Bulletins included patches to one high-severity vulnerability, CVE-2016-8467, in Nexus 6 and 6P. Our new paper, “Attacking Nexus 6 & 6P Custom Bootmodes,” discusses this vulnerability as well as CVE-2016-6678.

Avoiding the Technology Upgrade? Don’t Dodge Security

Consumers love new technology. New iterations of iPhones or brand-specific Androids are embraced by devotees looking to analyze the latest features, dissect any potential flaws and conduct entirely biased comparisons to determine which device is best. Beyond the high-profile advertising that accompanies emerging tech, however, is the underlying software update that typically addresses issues such…

GM Bot: Alive and Upgraded, Now on Android M

IBM X-Force Research detected a recently updated version of the GM Bot mobile banking malware designed to deploy on Android 6 operating systems and bypass new security applied to the platform. Android officially released this Marshmallow OS, code-named M, in October 2015. The GM Bot version we analyzed can work on all Android versions up…