Advintel cybersecurity experts: Malware operators now target exposed RDP connections to gain an initial foothold and exploit CVE-2018-8453 and CVE-2019-1069.
Google’s Project Zero expert Maddie Stone: A new 0-day vulnerability on Android mobile can give attackers full control of at least 18 phone models and it’s being exploiting in the wild
New threat for Android mobile phones: a 0-day vulnerability that that can give attackers full control of the phone. Hit & Sec News explained that a cyber security expert of Google’s Project Zero research group uncover the flaw. This is related to at least 18 different phone models. There’s evidence the vulnerability is being actively exploited, either by exploit developer NSO Group or one of its customers, Project Zero member Maddie Stone said in a post. Exploits require little or no customization to fully root vulnerable phones. Moreover, the bug is being used in the wild. So there is a high probability that cybercrime is exploiting it to perform malicious actions into users devices.
How, according to the cyber security experts, the flaw could be exploited
According to the cyber security experts, the Android flaw can be exploited two ways:
- when a target installs an untrusted app;
- for online attacks, by combining the exploit with a second exploit targeting a vulnerability in code the Chrome browser uses to render content.
“The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device,” Stone wrote. “If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox.” Some of the vulnerable devices are;
- Pixel 2 with Android 9 and Android 10 preview
- Huawei P20
- Xiaomi Redmi 5A
- Xiaomi Redmi Note 5
- Xiaomi A1
- Oppo A3
- Moto Z3
- Oreo LG phones (run same kernel according to website)
- Samsung S7, S8, S9