Samsung Will Fix Security Hole in Galaxy Smartphones

reset-scary-2.jpg

Samsung will update the security software on its Galaxy smartphones to address a flaw that researchers warned could let attackers access people's devices.

Earlier, researchers at NowSecure, a mobile security company, identified the flaw in SwiftKey, a keyboard application that comes preloaded on Galaxy smartphones. The flaw could be exploited even when SwiftKey was not used as the default keyboard, NowSecure said.

 Samsung said it would issue a fix that would roll out over the coming days to owners of the Galaxy S4, released in 2013, and later models. Those devices have Samsung's Knox security platform installed by default and can receive over-the-air security policy updates. Users must have automatic updates activated in their phone's settings, Samsung said on its website.
For earlier Galaxy phones that don't come with Knox, Samsung said it was working on an expedited firmware update.

Availability will vary depending on the model, region and service carrier.
SwiftKey's app, which predicts words as users type, is also available from the Google Play and Apple App stores. But those versions of the app were not affected by the vulnerability, a SwiftKey spokeswoman said.
Computerworld: http://bit.ly/1GutdVC

« Hackers Invade Hospital Networks
Paying for Non-Secrets »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Reed Smith LLP

Reed Smith LLP

Reed Smith LLP is an international law firm with offices in the USA, Europe, Middle East and Asia. Practice areas include Information Technology, Privacy & Data Security.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

LinOTP

LinOTP

LinOTP is an enterprise level, innovative, flexible and versatile OTP-platform for strong authentication.

Grupo CFI

Grupo CFI

Grupo CFI is the largest Spanish network of data protection and cybersecurity professionals.

ENLIGHTENi

ENLIGHTENi

ENLIGHTENi are the platform to develop next-gen talent in Technology, Risk, and Cybersecurity. Our mission is to develop next-gen talent through challenge-based learning and team collaboration.

Finosec

Finosec

Finosec's mission is to change the way information security and cybersecurity are managed in banking.

SecSign Technologies

SecSign Technologies

SecSign Technologies delivers user authentication, messaging, file sharing, and file storage with next generation security for company networks, websites, platforms, and devices.

LTIMindtree

LTIMindtree

LTIMindtree is a new kind of technology consulting firm. We help businesses transform – from core to experience – to thrive in the marketplace of the future.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

McCrary Institute - Auburn University

McCrary Institute - Auburn University

The McCrary Institute seeks practical solutions to real-world problems in the areas of cyber and critical infrastructure security.

Atlant Security

Atlant Security

Atlant Security is a cyber and IT security company offering consulting and implementation services.

Intigriti

Intigriti

Intigriti helps companies protect themselves from cybercrime. Our community of ethical hackers provides continuous, realistic security testing to protect our customer’s assets and brand.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

Allot

Allot

Allot are a global provider of leading innovative network intelligence and security solutions for Service Providers and Enterprises worldwide.