Samsung Galaxy Store Flaws Put Millions of Devices Vulnerable

Researchers have discovered severe security flaws in the Samsung Galaxy Store application. These vulnerabilities put millions of users, including those who use Samsung phones, tablets, smart TVs, and wearables, at risk of cyberattacks. The security flaws were found in the application, which is used to download apps and games from the Samsung Galaxy Store. According to the researchers, the security flaws could allow attackers to inject malicious code, execute remote code, and perform man-in-the-middle attacks, which could lead to the leak of sensitive information. Furthermore, the researchers found that the application was not properly configured, allowing attackers to bypass device security measures and gain access to user data. This could then be used to launch various cyberattacks. The researchers also discovered that Samsung's authorization mechanism was vulnerable to a "rollback attack" which could allow attackers to bypass security measures. The researchers have decided to tell Samsung about the vulnerabilities before disclosing them to the public, giving the tech giant time to patch the security flaws and protect users from potential cyberattacks. Samsung has since released an update to address the security flaws. Security experts are recommending that all users, whether they use Samsung products or not, take steps to secure their devices and prevent attackers from being able to exploit any vulnerabilities. Additionally, users should always install the latest security updates and patches and be aware of any malicious apps or programs that may be hiding malicious software. By taking a few simple precautions, users can protect themselves from becoming victims of cybercrime.

This Cyber News was published on securityaffairs.com. Publication date: Thu, 26 Jan 2023 10:39:02 +0000


Cyber News related to Samsung Galaxy Store Flaws Put Millions of Devices Vulnerable

Protecting Your Device from Unwanted App Installations: An Overview of Samsung Galaxy Store Flaws - As more and more devices become connected to the internet, it's important to be aware of the security measures we should take to protect our data and digital identities. Smartphones and other mobile devices can be particularly vulnerable targets, due ...
1 year ago Securityweek.com
Samsung Galaxy Store Flaws Put Millions of Devices Vulnerable - Researchers have discovered severe security flaws in the Samsung Galaxy Store application. These vulnerabilities put millions of users, including those who use Samsung phones, tablets, smart TVs, and wearables, at risk of cyberattacks. The security ...
1 year ago Securityaffairs.com
Samsung Galaxy Store App Found Vulnerable to Hackers - Security researchers have found that the Samsung Galaxy Store app is vulnerable to hackers, putting millions of users at risk of data theft and cyber attacks. According to researchers from the Security Research Center at Michigan University, the app ...
1 year ago Thehackernews.com
Security Flaws Found in Samsung's Galaxy Store for Android - Recent developments in the tech industry have jolted the world – smartphones, more so. In addition to boosting user convenience, these mini-computers have also made life easier for predators looking to exploit security loopholes. Therefore, it is ...
1 year ago Heimdalsecurity.com
CVE-2023-38297 - An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of ...
5 months ago
Samsung Galaxy App Store Vulnerabilities: Exploits Released and What These Mean For Users - Exploits have recently been released for two Samsung Galaxy App Store vulnerabilities, representing a major security risk for users of the smartphone. The first vulnerability is in the Galaxy App Store where malicious app developers can bypass ...
1 year ago Bleepingcomputer.com
Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking competition in Toronto, Canada. The contestants also demoed zero-day bugs in printers, routers, smart speakers, surveillance ...
10 months ago Bleepingcomputer.com
Samsung Galaxy S23 hacked twice on first day of Pwn2Own Toronto - Security researchers hacked the Samsung Galaxy S23 twice during the first day of the consumer-focused Pwn2Own 2023 hacking contest in Toronto, Canada. They also demoed exploits and vulnerability chains targeting zero-days in Xiaomi's 13 Pro ...
10 months ago Bleepingcomputer.com
Take a Cisco Store Tech Lab Tour - Around 7,100 visitors came through the Cisco Store, and 396 attendees participated in 23 tours. We walked attendees through key highlights of our Tech Lab, demonstrating how multiple products can work together. We started at our grid wall, displaying ...
6 months ago Feedpress.me
Epic Sues Google, Samsung Over App Store Barriers | Silicon UK - In its new case Epic claims that a month before the Epic Games Store launch in August, Samsung decided to enable Auto Blocker by default, making it more difficult for buyers of new phones to install competing app stores. Epic Games has filed a second ...
1 week ago Silicon.co.uk
Samsung hit by new data breach impacting UK store customers - Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual. The company says that the cyberattack impacted only customers who made purchases from the Samsung UK online ...
10 months ago Bleepingcomputer.com
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto - The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits targeting consumer products between October 24 and October 27. During the Pwn2Own Toronto 2023 hacking event organized by ...
10 months ago Bleepingcomputer.com
Samsung Galaxy gets new Auto Blocker anti-malware feature - Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices. Auto Blocker is an opt-in security feature that prevents the side-loading of risky apps ...
10 months ago Bleepingcomputer.com
Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
1 year ago Securityaffairs.com
CVE-2021-41769 - A vulnerability has been identified in SIPROTEC 5 6MD85 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD86 devices (CPU variant CP300) (All versions < V8.83), SIPROTEC 5 6MD89 devices (CPU variant CP300) (All versions < ...
2 years ago
Over 1,450 pfSense servers exposed to RCE attacks via bug chain - Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. PfSense is a popular open-source firewall ...
9 months ago Bleepingcomputer.com
Cisco Secure Access Extends SSE With Mobile Zero Trust - Earlier this year, we introduced Cisco Secure Access, a security service edge solution that combines a secure web gateway, cloud access security broker, firewall-as-a-service, zero trust access and more, to help organizations address this challenge ...
10 months ago Feedpress.me
178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
8 months ago Darkreading.com
Cisco Store Xplorer: An AR Experience - Augmented reality has the potential to unlock a new level of interaction with the world around us. The Cisco Store has harnessed this technology by creating the Cisco Store Xplorer AR app. When the app is first opened, it detects whichever store is ...
8 months ago Feedpress.me
Are you sure that online store is real? You might be surprised - The rise of user-friendly online store platforms, originally designed to simplify launching digital storefronts, has unintentionally contributed to this problem. These scam artists have a worldwide presence, launching numerous fake stores in various ...
9 months ago Blog.avast.com
Improving Audience Understanding and Store Operations - Understanding how to best serve customers is a primary focus for retailers. Retailers need to know what their customers are buying, when they're buying it, and their feelings while shopping. Stationing staff members in the store to gauge customer ...
8 months ago Feedpress.me
CVE-2019-16400 - Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: ...
4 years ago
CVE-2019-16401 - Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: ...
4 years ago
IoT Security: Safeguarding Business IoT Devices - The security of IoT devices is of utmost importance as businesses increasingly rely on them to streamline operations and enhance productivity. In this discussion, we will explore the importance of IoT security in safeguarding business IoT devices and ...
7 months ago Securityzap.com
CVE-2022-23470 - Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)