Ticker

6/recent/ticker-posts

Android Flaw Affects kiya One Billion Android Phones

Gulshan Nandeshwar May 27, 2020

Android Flaw Hijack Apps

Android
Android

Remember Strandhogg?

Android ko prabhaavit karane vaalee ek suraksha bhedyata jo durbhaavanaapoorn Application upayogakartaon ko nakalee interface pradarshit karane ke lie lakshit divais par install kie gae kisee bhee any app ke rop mein bhi chedachad karane ke lie shoshan kar sakatee hai, unhen sanvedanashel janakaree dene mein dhokha detee hai.

Android Flaw Affects / Hijack Apps

Norwegian cybersecurity sikyoritee risarchaars kee ek hee team ne aaj Android operating system ko prabhaavit karane vaalee ek nayee mahatvaapoorn bhedyata (CVE-2020-0096) ke vivaran ka anaavaran kiya, jo hamalaavaron ko Strandhogg hamale ke adhik parishkt sanskaran ko le jane kee anumati de sakata hai.


Dabd Straindahog 2.0, naee bhedyata sabhee Android Devices ko prabhaavit karatee hai, mobile operating system ke naveenatam sanskaran, Android kyoo / 10 ko chhodakar, jo durbhaagy se, kul Android-sanchaalit ka keval 15-20% par chal raha hai. upakaranon, arabon smart phone ko chhodakar hamalaavaron ke lie asurakshit.


Straindahog 1.0 Android ke malteetaasking futures mein nivaas kiya gaya tha, jabaki naya straindahog 2.0 dosh mool roop se visheshaadhikaar bhedyata ka ek utthaan hai jo haikars ko lagabhag sabhee app tak pahunch praapt karane kee anumati deta hai.

Jaisa ki pahale bataaya gaya hai, jab koee upayogakarta kisee vaidh app ke icon ko tap karata hai, straindahog kamajoriyon ka shoshan karane vaala mailaveyar vaastavik Application lonch karane ke bajaay upayogakarta ko ek nakalee interface pradarshit karane ke lie is gatividhi / kaary ko baadhit aur baadhit kar sakata hai.

Haalaanki, straindahog 1.0 ke vipareet, jo keval ek samay mein ek par hamala kar sakata hai, naveenatam dosh hamalaavaron ko "ek batan ke sparsh mein ek saath die gae divais par lagabhag kisee bhee app par gatisheel roop se hamala kar sakata hai, sabhee ko pratyek lakshit ke lie poorv-konfigareshan kee aavashyakata ke bina. Application.

Straindahog dosh sambhaavit roop se khataranaak aur sambandhit hain:
lakshit upayogakartaon ke lie hamale ko pahachaanana lagabhag asambhav hai,

Yah vinyaas kee aavashyakata ke bina kisee lakshit divais par sthaapit kisee bhee app ke lie interface ko Hijack karane ke lie istemaal kiya ja sakata hai,

Isaka upayog kisee bhee upakaran kee anumati ke lie dhokhaadhadee se kiya ja sakata hai, isaka upayog bina root ekses ke kiya ja sakata hai,

Yah q ko chhodakar android ke sabhee sanskaranon par kaam karata hai.

Yah divais par kaam karane ke lie kisee vishesh anumati kee aavashyakata nahin hai.

Ek aashvast nakalee skreen ke maadhyam se login kredenshiyals choree karane ke alaava, mailaveyar app upayogakartaon ko ek vaidh app ke roop mein sanvedanasheel divais anumatiyon ko dene mein dhokha dekar apanee kshamataon ko kaaphee badha sakata hai.

Straindahog 2.0 ka upayog karate hue, hamalaavar device par ek baar durbhaavanaapoorn app install karane, nijee esemes sandeshon aur tasveeron tak pahunch praapt karane, peediton ke login kredenshiyals choree karane, jeepeees aandolanon ko traik karane, aur / ya phone par baatacheet karane, aur ek phon ke maadhyam se jaasoosee kar sakate hain. kaimara aur micro phone, shodhakartaon ne kaha.



Surakshaa shodhakartaoin ne pichhale saal December mein google ko naye bhedyata kee jimmedaree dee.

usake baad, google ne ek paich taiyaar kiya aur ise April 2020 mein smart phone nirmaan kampaniyon ke saath saajha kiya, jinhonne ab is maheene ke lie apane sambandhit upayogakartaon ko software update rol aaut karana shuroo kar diya hai.

haalaanki, kaary apaharan hamalon ko rokane ya unaka pata lagaane ka koee prabhaavee aur vishvasaneey tareeka nahin hai, phir bhee upayogakarta straindahogag 1.0 kee riporting karate samay hamaare dvaara saajha kee gaee visangatiyon par nazar rakh kar aise hamale kar sakate hain, jaise:

aap pahale se log in hain ek app ek login ke lie poochh raha hai,

anumati popap jisamen app ka naam nahin hai,

Anumatiyan us app se pochee jaatee hain jisake lie usake dvaara manage gaee anumatiyon kee aavashyakata ya aavashyakata nahin hotee hai,

batan aur link yoojar interface mein click karane par kuchh nahin karate,

baik batan apeksha ke anuroop kaam nahin karata hai.

yah lekh rochak laga? hamaare dvaara post kee gaee vishesh saamagree ko padhane ke lie thn ko facebook, twitter, aur LinkedIn par follow karen.
Gulshan Nandeshwar

Posted by Gulshan Nandeshwar

This is a site where you find unique and professional My website writers now dashing and fabulous look Develop by Gulshan Nandeshwar. instagram facebook-f twitter youtube pinterest

Post a Comment

0 Comments

Post a Comment