Instant messaging application (such as iMessage and WhatsApp) is an important remote attack surface for smartphones, often used by spyware as the first step in APT attacks, and has received great attention in the past. Carrier Based video calling, as a native video calling feature of mobile phones, is also a major remote attack surface for smartphones. We have discovered fatal 0-day vulnerabilities in some native Carrier Based video calling of mobile phones, which have been present for at least 7 years. As long as the target accepts our video call invitation, we can exploit these vulnerabilities to remotely obtain code execution permissions for the target phone's system. In this session, we will introduce this remote attack surface we have discovered and provide a few examples to illustrate the potential issues and impacts that may arise within this attack surface. By: Qinrun Dai | PhD Student, University of Colorado Boulder Fan Yang | Security Researcher, Singular Security Lab Haikuo Xie | Security Researcher, Singular Security Lab Full Abstract and Presentation Materials Available: https://ift.tt/WCQsAMJ
source https://www.youtube.com/watch?v=xITV0DpBVGo
-
Android’s May 2024 security update patches 38 vulnerabilities, including a critical bug in the System component. The post Android Update ...
-
Germany recalled its ambassador to Russia for a week of consultations in Berlin following an alleged hacker attack on Chancellor Olaf Scho...
No comments:
Post a Comment