Discover and read the best of Twitter Threads about #strandhogg
Most recents (2)
1/ Thread about #StrandHogg
So a “new” #Android vulnerability with the usual pack (name, website, fancy logo) is in town. #StrandHogg is far from being new. Task hijacking in Android has been documented in 2015 usenix.org/system/files/c…
So a “new” #Android vulnerability with the usual pack (name, website, fancy logo) is in town. #StrandHogg is far from being new. Task hijacking in Android has been documented in 2015 usenix.org/system/files/c…
2/ It is also a documented feature in the Android developer documentation developer.android.com/guide/componen…
3/ Yes sure you don’t need root to exploit #StrandHogg but you still need to comprise the victim’s device first by installing a malicious app on it 
Beware #Android Users!
A new unpatched #vulnerability — dubbed Strandhogg — in Android could let malicious apps take extensive control over your device & steal your login credentials.
Details: thehackernews.com/2019/12/strand…
Dozens of apps are already exploiting this flaw in the wild.
A new unpatched #vulnerability — dubbed Strandhogg — in Android could let malicious apps take extensive control over your device & steal your login credentials.
Details: thehackernews.com/2019/12/strand…
Dozens of apps are already exploiting this flaw in the wild.
@Swati_THN 1) #Phishing Attacks:
#Strandhogg task hijacking vulnerability can be exploited to display a fake user interface (UI) while tricking users into thinking they are using a legitimate app, making it easy for the malware to steal their credentials using spoofed login interfaces.
#Strandhogg task hijacking vulnerability can be exploited to display a fake user interface (UI) while tricking users into thinking they are using a legitimate app, making it easy for the malware to steal their credentials using spoofed login interfaces.
@Swati_THN 2) Fraudulently Requesting Permissions:
A malicious app can also escalate its capabilities significantly by tricking users into granting sensitive device permissions while posing as a legitimate app.
Read more: thehackernews.com/2019/12/strand…
#infosec #hacking #cybersecurity
A malicious app can also escalate its capabilities significantly by tricking users into granting sensitive device permissions while posing as a legitimate app.
Read more: thehackernews.com/2019/12/strand…
#infosec #hacking #cybersecurity
