A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.
Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare
The RansomHub group has started leaking information allegedly stolen from Change Healthcare in February 2024.
The post Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare appeared first on SecurityWeek.
Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities
Samsung has significantly increased its bug bounty program as part of its ongoing efforts to enhance mobile security.
The tech giant is now offering rewards of up to $1 million for researchers who can demonstrate critical vulnerabilities in its mobile devices, particularly those related to arbitrary code execution on highly privileged targets.
This new initiative, part of Samsung’s Important Scenario Vulnerability Program (ISVP), focuses on vulnerabilities that could significantly impact their products. The program specifically targets the following critical scenarios:
Arbitrary code execution on privileged targets.
Device unlocking and full user data extraction.
Arbitrary application installation.
Bypass of device protection solutions.
The highest reward of $1 million is reserved for remote arbitrary code execution vulnerabilities targeting Knox Vault, Samsung’s secure environment for storing sensitive data. Other notable rewards include:
Up to $400,000 for remote code execution on TEEGRIS OS.
Up to $300,000 for remote code execution on Rich OS.
Up to $400,000 for device unlock and full user data extraction before first unlock.
To qualify for these top-tier rewards, researchers must meet several criteria:
The report must fully satisfy the Good Report Bonus requirements.
Include a buildable exploit demonstrating a successful attack on one or more Important Scenarios.
The exploit must work consistently on the latest security update of the latest flagship devices (Galaxy S and Z series).
The exploit should be executable without privileges.
Samsung’s increased bounties reflect mobile security’s growing importance in an era of increasingly sophisticated cyber threats. Samsung encourages security researchers to find and report critical vulnerabilities, aiming to prevent potential attacks and protect users’ data.
This move aligns with Samsung’s long-standing commitment to mobile security. The company has been running its Mobile Security Rewards Program since 2016, continuously updating it to cover new devices and services.
The program now encompasses 38 Samsung mobile devices that receive monthly and quarterly security updates and various Samsung Mobile Services like Bixby, Samsung Account, Samsung Pay, and Samsung Pass.
By significantly increasing the potential rewards, Samsung is not only attracting more security researchers to detect vulnerabilities in its products but also showing its commitment to maintaining high standards of security for mobile devices in an increasingly complex digital world.
The post Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities appeared first on Cyber Security News.
Fake funeral “live stream” scams target grieving users on Facebook
Some scammers have the morals of an alley cat. But some sink even lower.
Over the last few months, Malwarebytes Labs has discovered scammers active on Facebook that prey on bereaved people by using stolen images and phony funeral live stream links to steal money and/or credit card details.
These scammers are becoming more active and new cybercriminals are picking up the method as well, which is something we see very often. When some scheme works, more lowlifes join in.
Currently, we are aware of two different approaches. One uses fake live stream links of the funeral. It asks people to follow a link where they can watch the funeral service and to share the link among their friends and family. The other asks for donations on behalf of the family of the deceased.
We followed the flow of one such scam, but you should be aware that there are several variations.
Usually, this type of scam starts with a comment on Facebook below the notification of a funeral home.
Comment made to look like an update
“UPDATE POST:
If you can afford you can donate.
Please share family and friends
Watch [name] Loveing Memory & Funeral ServiceLive Stream Online
WATCH LIVE [link]”
The domain the comment links to is not unique. Malwarebytes Premium blocks at least 4 other domains involved in the same type of scam, and there were more, which will have been taken offline by the time you read this.
If you follow the link, you’ll end up on a landing page similar to this one.
All three buttons lead to the same phishing site
All the buttons on this site pointed to a domain which we block for phishing.
Malwarebytes blocks pbg4jptrk.com
Adding the domain to the exclusion list allowed me to follow through, and I ended up on a site that wanted me to sign up for my “favorite movies” so that I could allegedly get full access. Remember, I came here following links to the live stream of a funeral, not because I wanted to watch my “favorite movies.”
Sign up site to watch your favorite movies
After feeding the scam site a bogus email address, I was allowed to move on.
Membership activation. Credit card details needed.
Here I am invited to activate my membership by providing my credit card details. Why do they need my credit card details for a free service?
This is the reason the site provides:
“WHY YOUR CREDIT CARD?
We have streaming licenses for our content for certain countries only. That’s why we need to verify your geographic location using a valid credit card. Your membership entitling you to all our content is only 2.00€, unless you decide to switch to premium mode at the end of the 3-day trial membership, or do not cancel your membership within the trial period.”
But the real reason can also be found if you look closely. Did you spot that tiny pre-checked line at the bottom of the left-hand pane?
I enlarged it, so you can read what the small print says.
The small print
“I consent and accept the conditions of the membership and would like a secondary membership. 2X recurring payments every 14 days, current rate (64 €). Cancel anytime.”
In March of 2024, the BBC warned that these cybercriminals sometimes respond to a posted memorial message within minutes, using a fake profile and including the photograph and personal details of the dead person in their post.
The cybercriminals are good at making these Facebook posts look real. They often copy and paste real photographs of the deceased person taken from a funeral director’s site or a genuine tribute site. But they are fake and could turn out very costly for those that fall for them.
Protect yourself and others
Several funeral homes have started adding a note that “this funeral is not being live streamed” to their online notices to reduce the chance of people falling victim to them.
The National Association of Funeral Directors says:
“You shouldn’t have to pay to view a funeral live stream and official links will be provided via the funeral director to the bereaved family.”
Be aware of strange friend requests. They may be from scammers looking for a way to comment on your post.
When you see a comment with these links, please report it to Facebook immediately. It will be removed as soon as possible so others may be spared from falling victim.
Never provide your credit card details unless you are 100% sure who you are dealing with. And even then, filling out this type of information online always comes with a risk.
Associated domains
Fake streaming sites:
Qtvlivestreamhd[.]com
Hqonlivestream[.]xyz
Visitpageaus[.]com
Auseventstream[.]com
Phishing sites:
pbg4jptrk[.]com
paperpadpen[.]com
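As an added example (not code from the Malwarebytes post), the following script shows how a moderation or SOC team could screen comments of the kind quoted above: it re-fangs the defanged domains listed in this write-up into a blocklist, pulls hosts out of comment text, and combines a known-bad link match with the template phrases from the scam comment. The sample comment is constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Defanged indicators as listed in the write-up above.
ASSOCIATED_DOMAINS = [
    "Qtvlivestreamhd[.]com", "Hqonlivestream[.]xyz", "Visitpageaus[.]com",
    "Auseventstream[.]com", "pbg4jptrk[.]com", "paperpadpen[.]com",
]
# Phrases taken from the scam comment template quoted in the post.
SCAM_PHRASES = ("update post", "watch live", "live stream", "donate", "funeral service")

URL_RE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?", re.IGNORECASE)

def refang(indicator: str) -> str:
    """Turn 'example[.]com' / 'hxxp://' style defanged indicators into a bare lowercase host."""
    host = indicator.strip().lower().replace("[.]", ".").replace("(.)", ".")
    host = re.sub(r"^hxxps?://", "", host)
    return host.split("/")[0]

BLOCKLIST = {refang(d) for d in ASSOCIATED_DOMAINS}

def extract_hosts(text: str) -> list:
    """Return lowercase hostnames of every URL-looking token in the comment."""
    hosts = []
    for match in URL_RE.finditer(text):
        raw = match.group(0)
        if not raw.lower().startswith("http"):
            raw = "http://" + raw
        host = urlsplit(raw).hostname
        if host:
            hosts.append(host.lower())
    return hosts

def is_blocked(host: str) -> bool:
    """Match the host itself or any parent domain, so a subdomain of a listed domain is caught."""
    parts = host.split(".")
    return any(".".join(parts[i:]) in BLOCKLIST for i in range(len(parts) - 1))

def assess_comment(text: str) -> dict:
    lowered = text.lower()
    phrases = [p for p in SCAM_PHRASES if p in lowered]
    hosts = extract_hosts(text)
    blocked = [h for h in hosts if is_blocked(h)]
    # A link to a listed domain is conclusive; otherwise require a link plus two template phrases.
    suspicious = bool(blocked) or (bool(hosts) and len(phrases) >= 2)
    return {"suspicious": suspicious, "hosts": hosts, "blocked": blocked, "phrases": phrases}

# Constructed sample modelled on the quoted scam comment (not a real post).
SAMPLE_COMMENT = ("UPDATE POST:\nIf you can afford you can donate.\nPlease share family and friends\n"
                  "WATCH LIVE https://qtvlivestreamhd.com/stream/123")

if __name__ == "__main__":
    print(assess_comment(SAMPLE_COMMENT))
```

The phrase threshold is a heuristic for triage, not a verdict; a flagged comment should still be reviewed before reporting or removal.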