Starlight Intelligence’s Post

Google to remove app from Pixel devices following claims that it made phones vulnerable. Key takeaways: 1. The Android package, "Showcase.apk," allegedly leaves millions of Pixel devices susceptible to cyberattacks, according to a report by cybersecurity company iVerify. This could lead to cybercriminals injecting malicious code and potentially invasive spyware into users' devices. 2. Tech giant Google disputes these claims, asserting that the issue does not amount to an Android platform or Pixel vulnerability. They further state that exploitation of the said app requires both physical access to the device and the user's password, acting on precautionary basis, Google is removing the app from supported Pixel devices. 3. Amid the controversy, the report highlights the importance of cybersecurity vigilance and user protection. Despite this specific case, the potential for widespread security issues on popular mobile devices presents significant concerns, affecting the overall trustworthiness of Android devices. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/eE-wi8as

 🚨 Security Alert for Google Pixel Users 🚨 A large percentage of Google Pixel devices shipped since 2017 have had a dormant app, "Showcase.apk," that could be exploited to install malware and stage attacks. Developed for Verizon demo devices, this app was found to download a vulnerable configuration file over unsecured HTTP, making Pixel smartphones susceptible to adversary-in-the-middle attacks. https://lnkd.in/gzz_dWeq #cybersecurity #vulnerability #googlepixel #mobilesecurity

WIRED ARE YOU CYBER CLOWN 🤡 ? OR ARE YOU PAYED TO SPREAD MISINFORMATIONS ? https://lnkd.in/dgJTNhFg iVerify are scammers and anyone paying them money should rapidly stop doing it and remove their malware from their devices. The real security risk is giving remote code execution on your devices to one of these sketchy EDR companies lying about their capabilities and discoveries.

🚨 Critical Vulnerability Puts Millions of Pixel Devices at Risk 🚨 Google Pixel devices have been found to hold a critical vulnerability, endangering millions of users globally. The vulnerability lies within a pre-installed system-level application known as Showcase. apk, has been given root access to change system-level behaviours on the device. An attacker can tamper with the configuration file in transit and execute arbitrary code on a target automation device. Such serious vulnerability could be hacked and used to release credit cards, stolen data or worse spyware over the years. The researchers responsibly disclosed this issue to Google, though there is no official patch or removal of the app and many devices remain unprotected. Anyone in a spot like this knows how essential multi-layered security practices are. We have to update software in future also with the latest Security Patches that do not allow such action, Users must stay away from third-party apps that people think its less expensive. Implementing trustworthy mobile security offerings can provide the additional protection that these vulnerabilities lack. Manufacturers cannot afford to delay security patch deployment and must reconsider the utility of pre-loaded high-privilege applications. And this incident underlines the ever-growing threat environment in the mobile ecosystem which will require a proactive approach from both users and vendors. Keep Secure and Stay Safe -Knowing is Half the Battle! 🔍 Discover how important it is and how you can stay safe: https://lnkd.in/gg7XfiU8 #CyberSecurity, #Android, #Pixel,#DataProtection, #MobileSecurity

Google has revealed the detection of two Android zero-day security vulnerabilities in its Pixel smartphones, with patches already available as per the recent Pixel Update Bulletin. Even more concerning, the flaw is already being exploited in targeted attacks. Two Android zero-day vulnerabilities exploited in targeted attacks In a recent announcement, Google disclosed the detection of two zero-day security vulnerabilities in its Pixel smartphones. The first vulnerability, CVE-2024-29745 (CVSS 7.2), pertains to an information disclosure flaw in the bootloader component, potentially compromising data confidentiality. The second vulnerability, CVE-2024-29748, involves a privilege escalation flaw in the firmware component, enabling unauthorized access and control over the device. According to Google’s advisory, these vulnerabilities were addressed on April 2, 2024. However, the original discovery occurred in early January 2024 by GrapheneOS developers. Fortunately, they are subject to limited, targeted exploitation, reducing the risk of widespread exploitation. Nonetheless, Google urges all Pixel smartphone users to update their devices to the latest software version promptly. ~First Hackers News To Continue reading this article, click on this link >>> https://lnkd.in/g-2A_eBN #google #android #zeroday #vulnerabilities #pixel #patches #attacks #compromise #privilegeescalation #firmware #update #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestnews

Google will remove high-privileged Android app from Pixel phones.: CISA warns of actively exploited SolarWinds flaw. New macOS malware surfaces. #cyber #cybersecurity #cybersecurityjobs #cyberjobs #technology #management #informationsecurity #innovation

Google will remove high-privileged Android app from Pixel phones.: CISA warns of actively exploited SolarWinds flaw. New macOS malware surfaces. #cyber #cybersecurity #cybersecurityjobs #management #informationsecurity #innovation #technology #cyberjobs

Today's workforce is more reliant than ever on mobile platforms to access business-critical apps, making mobile devices an increasingly popular attack surface for threat actors using tactics such as social engineering, malicious apps, and vulnerability exploits. IT security teams have historically prioritized desktop and server security while often neglecting the expanding mobile threat. Recognizing this weak spot, cybercriminals have adjusted their tactics to focus on mobile users as the initial link in the cyber kill chain. Closing this gap begins with recognizing that desktop and mobile are not the same — not even close.  A solution tailored to address the unique requirements of the mobile environment is needed to protect businesses from these modern-day attacks. Check out my latest blog to learn about the unique and constantly evolving challenges facing mobile endpoints and discover how Lookout's mobile EDR solution is uniquely positioned to tackle them.

Google has revealed the detection of two Android zero-day security vulnerabilities in its Pixel smartphones, with patches already available as per the recent Pixel Update Bulletin. Even more concerning, the flaw is already being exploited in targeted attacks. Two Android zero-day vulnerabilities exploited in targeted attacks In a recent announcement, Google disclosed the detection of two zero-day security vulnerabilities in its Pixel smartphones. The first vulnerability, CVE-2024-29745 (CVSS 7.2), pertains to an information disclosure flaw in the bootloader component, potentially compromising data confidentiality. The second vulnerability, CVE-2024-29748, involves a privilege escalation flaw in the firmware component, enabling unauthorized access and control over the device. According to Google’s advisory, these vulnerabilities were addressed on April 2, 2024. However, the original discovery occurred in early January 2024 by GrapheneOS developers. Fortunately, they are subject to limited, targeted exploitation, reducing the risk of widespread exploitation. Nonetheless, Google urges all Pixel smartphone users to update their devices to the latest software version promptly. ~First Hackers News To Continue reading this article, click on this link >>> https://lnkd.in/g-2A_eBN #google #android #zeroday #vulnerabilities #pixel #patches #attacks #compromise #privilegeescalation #firmware #update #cyberattack #cybersecurity #fhn #firsthackersnews #informationsecurity #latestnews

This cannot be said enough - securing mobile devices is a fundamentally unique challenge versus securing desktop, laptops, and servers. Mobile devices are different hardware running different software facing a different threat landscape. Trying to secure them using a traditional endpoint security strategy is like trying to fit a square peg in a round hole. Learn about the how and the why from Jim Dolce.