Android Devices Powered By Qualcomm Are Overwhelmed By Four Rooting Flaws – A security researcher from Check Point Software Technologies, Adam Donenfeld presented four rooting flaws of Android devices in Def Con Security Conference in Las Vegas on 7th August which was reported to the chipset maker company Qualcomm between February and April.
Qualcomm has addressed the vulnerabilities as high severity and released fixes for all of them. However, still many Android devices might be exposed to this vulnerability as there are many older Android devices which do not receive any firmware updates or else receive after a long delay.
Check Point Software came out with an application called QuadRooter Scanner available in Google Play that let users check if their devices are attacked by any of the four flaws.
Android Devices Powered By Qualcomm Are Overwhelmed
These flaws are tracked as CVE-2016-2059, CVE-2016-2503, CVE-2016-2504 and CVE-2016-5340 which are situated in various drivers being provided by Qualcomm to the device manufacturer. Qualcomm has released the fixes for all four flaws, however, Google has distributed only three patches as of now. The patch for flaw CVE-2016-5340 is still not distributed by Google. But device manufacturers can always obtain it from the Qualcomm’s open source project, Code Aurora. Google will address the fourth flaws in their upcoming Android security Bulletin. Read also : Cara menambah ram android
Any exploitation of these flaws will cause the download of a malicious application in your device, according to the representative from Google. While it is also true that exploitation of any of these vulnerabilities is only possible through any rouge application but not through browsing, emailing or SMS.
While Qualcomm has identified these vulnerabilities as high severity, Google, and researcher from Check Point Software do not agree that point and they have stated the flaws as low severity. Google has also noted that the flaw CVE-2016-2059 can be allied through SELinux, even though Check Point Software does not agree this assessment from Google.
Google CEO Sundar Pichai’s Quora Account Is Hacked – Sundar Pichai did not have a good start of this week as his Quora account is being hacked by a group of hackers called OurMine. Quora, the question and answer site was taken over by OurMine on Sunday after which they posted ‘we are just testing our security’ in Sundar Pichai’s Quora account and as his quora are connected to the Twitter account, all his followers around 508,000 were able to see the post. However, the post in now removed from his Twitter account.
This OurMine is the same group that hacked Facebook CEO Mark Zuckerberg’s social media account in the last month. And not just that rather there are many big profiles in the list such as Spotify’s CEO and prominent Amazon executives while the group has also stated that more targets will follow in the future.
But the good thing is that this hack is not harmful so far and no sensitive data is being stolen after hacking. However, still, there is a fear that who will be next. The hackers have also gone on to state that they have been able to take over Mark Zuckerberg’s account by finding his password dadada while in Sundar Pichai’s case, it was weak security that helped them hacking the account.
While OurMine has continued to hack various high profiles in the recent days, it seems this activity is nothing but their publicity stunt. The hacker group has tweeted that they mainly aim is to say that no one is safe, some of the accounts were hacked due to weak password and some were hacked due to vulnerability but users can always upgrade their security by purchasing OurMine’s services. Till date, they have earned $18,400 by selling their service.
The group claims to improve the security of a social media account at just $100 while $1000 service will scan the full website for vulnerabilities.
Microsofts Acquisition of Groove – Microsoft rebranded its Xbox Music service back in August, to a service now known as Groove, which got various new features beside the name change.
Back before the application was renamed, there existed an application in the Windows Store called Groove: Smart Music Player, which was created by Canadian startup Zikera. Also, in a recent announcement by the organization, Microsoft has acquired Zikeras Groove service.
Microsoft acquired everything from Groove, said Tri Nguyen, CEO of Zikera. However, he was not ready to share anything more about the purchase, including the amount Microsoft paid. The letter from Zikera regarding to the acquisition stated:
Our journey began back in the days of the iPod. While it was a wondrous thing, we still struggled to choose what to play from our beloved music collection. From that instant, we envisioned a music player so smart that learns our tastes and habits keeping in order to play the right music at the right time. At that point Groove was born, and you made it a success. We are incredibly glad to have pleased you with a rich mobile experience and endless hours of music bliss through the tens of millions of personalized playlists we generated.
With the purchase of Microsoft in thought, Groove: Smart Music Player will never again be available to download on the Windows Store. However, those who have downloaded the application in beforehand can still use it, yet no more updates will be pushed out to them.
Microsoft has yet to formally announce its acquisition of Groove. Read also : Memperbaiki playstore rusak