Tuesday, October 28, 2014

Zero-day in Samsung ‘Find My Mobile’ service allows attacker to remotely lock phone

From ComputerWorld

Zero-day in Samsung ‘Find My Mobile’ service allows attacker to remotely lock phone

"According to the National Institute of Standards and Technology (NIST):
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic."

No comments:

Post a Comment