Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Researchers identify zero-day vulnerabilities in Xiaomi Mi6, Samsung Galaxy S9

November 2018 by F-Secure

Team from F-Secure’s MWR Labs demos exploits for previously undisclosed
vulnerabilities at Mobile Pwn2Own competition

Researchers from F-Secure’s MWR Labs
successfully demonstrated attacks leveraging zero-day vulnerabilities in different
smart phones at the Mobile Pwn2Own competition in Tokyo. The team competed in four
different categories at the event, and successfully demonstrated unpublished
exploits for the Xiaomi Mi6 and Samsung Galaxy S9 smart phones.

The research team consisted of F-Secure’s MWR Labs’ Rob Miller, Georgi Geshev,
and Fabian Berteke. And according to F-Secure Managing Director Ed Parsons, the
team’s discoveries add to MWR Labs’ successful Pwn2Own track record, and
exemplify how the competition helps consultants learn so they can offer better
protection to customers.

“We use research to push the boundaries of the cyber security industry, helping
our clients predict, protect, detect and respond to modern cyber attacks,” said
Parsons. “Pwn2Own is a great opportunity to develop and test ourselves while
helping to secure technology many of us rely on. We’re very proud of the team’s
latest win and their overall track record in the competition.”

Teams from MWR Labs have demonstrated zero-day attacks against devices from Huawei
and Samsung in past Pwn2Own competitions, as well as Apple’s Safari and Google’s
Chrome web browsers.

Pwn2Own is a competition organized by the Zero Day Initiative where security
researchers compete to exploit popular devices by using previously undisclosed
(zero-day) vulnerabilities. The competition is held twice a year, with one event
focusing on desktops and another focusing on mobile devices. Internet of things
devices were also included in this year’s mobile competition.

According to F-Secure President and CEO Samu Konttinen, competing in events like
Pwn2Own help experts learn to apply creativity and innovative thinking to security
research, which ensures they stay a step ahead of attackers.

All vendors have been made aware of the vulnerabilities and are now working to patch
them. Advisories will be published once patches become available.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts