Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks

Users of affected devices that want to mitigate risk from the security issues in the Exynos chipsets can turn off Wi-Fi and Voice-over-LTE settings, researchers from Google's Project Zero say. [TechWeb]( Follow Dark Reading: [RSS]( March 21, 2023 LATEST SECURITY NEWS & COMMENTARY [Unpatched Samsung Chipset Vulnerabilities Open Android Users to RCE Attacks]( Users of affected devices that want to mitigate risk from the security issues in the Exynos chipsets can turn off Wi-Fi and Voice-over-LTE settings, researchers from Google's Project Zero say. [Mirai Hackers Use Golang to Create a Bigger, Badder DDoS Botnet]( With HinataBot, malware authors have created a beast many times more efficient than even the scariest botnets of old, packing more than 3Tbit/s DDoS speeds. [ChatGPT Gut Check: Cybersecurity Threats Overhyped or Not?]( UK cybersecurity authorities and researchers tamp down fears that ChatGPT will overwhelm current defenses, while the CEO of OpenAI worries about its use in cyberattacks. [Cops Nab BreachForums Boss in New York]( The alleged mastermind of hacker forum BreachForums, "pompompurin," has been arrested in New York City, according to court documents. [Shouldering the Increasingly Heavy Cloud Shared-Responsibility Model]( There are a number of solutions that can help ensure security and compliance mandates are met in the cloud, but organizations should prioritize integration and policy-based management. [Cyberattackers Hoop NBA Fan Data via Third-Party Vendor]( The basketball playoffs are around the corner and convincing social-engineering attacks on fans using NBA-themed lures could be too. [(Sponsored Article) New Report: Inside the High Risk of Third-Party SaaS Apps]( A new report from Adaptive Shield looks at the how volume of applications being connected to the SaaS stack and the risk they represent to company data. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Meta Proposes Revamped Approach to Online Kill Chain Frameworks]( A more holistic model beyond MITRE et al. is needed to help defenders better identify and understand commonalities in different online threat campaigns, the Facebook parent company says. [The Ethics of Network and Security Monitoring]( The chances of getting hacked are no longer low. Companies need to rethink their data collection and monitoring strategies to protect employee privacy and corporate integrity. [BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion]( The ransomware group has already claimed 116 victim organizations so far on its site, and it continues to mature as a thriving cybercriminal business, researchers said. [MORE]( EDITORS' CHOICE [Microsoft Outlook Vulnerability Could Be 2023's 'It' Bug]( Snowballing PoC exploits for CVE-2023-23397 and a massive attack surface means that almost any business user could be a victim. LATEST FROM THE EDGE [AI Has Your Business Data]( No-code has lowered the barrier for non-developers to create applications. AI will completely eliminate it. LATEST FROM DR TECHNOLOGY [IAM Startup Aembit Secures How Workloads Connect to Services]( Aembit launches from stealth with a cloud-based identity access management platform for enterprise workloads. WEBINARS - [ChatGPT: Defending Your Business Against AI-Supercharged Ransomware]( This webinar will dig into the ways criminals are projected to take advantage of ChatGPT and other AI tools to improve the reach and effectiveness of their ransomware attacks. The session will conclude with a review of a 12-step plan ... - [Ten Emerging Vulnerabilities Every Enterprise Should Know]( Every day, black hat attackers and white hat researchers are discovering new security vulnerabilities in widely-used systems and applications that might be exploited to compromise your data. Are you aware of the newest - and potentially most impactful - vulnerabilities ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Essential Guide to Secure Web Gateway]( - [The Relationship Between Security Maturity and Business Enablement]( - [Securing OT, Remote Access and Converged SOC Operations]( - [Top Three Considerations To Build, Deploy, and Run Your Application Journey]( - [Cloud Journey Adoption Stage: Securing Hybrid and Multi-cloud Environments]( - [What Elite Threat Hunters See that Others Miss]( - [State of Enterprise Cybersecurity: Invest Now, or Pay Big Later]( [View More White Papers >>]( FEATURED REPORTS - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... - [Shoring Up the Software Supply Chain Across Enterprise Applications]( Supply chain security attacks are growing at an alarming pace, and things are going to keep getting worse until DevSecOps teams get on the same page. A little help from the feds could also be welcome Modern-day software development depends ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [SecurityBridge Introduces The SAP Management Dashboard]( [Prancer Announces Integration With ChatGPT for Enhanced Security Assessments]( [Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)