Tag Archive for: Permissions

Dangerous permissions detected in top Android health apps

/in


Leading Android health applications expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Cybernews has the story.

The Android challenge

In the digital age, mobile applications have become an integral part of our lives, transforming the way we communicate, work, and entertain ourselves. With the vast array of apps available at our fingertips, it’s easy to overlook the potential risks they may pose. Behind the sleek interfaces and promising functionalities lurks a hidden concern that has captured the attention of security researchers and users alike – dangerous Android app permissions.

Android, being the most widely used mobile operating system globally, offers developers great flexibility to create innovative and powerful applications. However, this flexibility also introduces a crucial challenge – maintaining a balance between user convenience and safeguarding sensitive data and privacy.

Our researchers took a look at 50 popular health apps – for fitness, sleep tracking, meditation, mental health, quitting smoking, blood-sugar measurement, and medication reminders, among other purposes – to test their permissions.

Android health apps with dangerous permissions

Android permissions

The Android operating system has a comprehensive permission system designed to protect a user’s privacy and security. While many permissions are essential for apps to function properly, some could be considered more dangerous as they grant apps access to sensitive data and functionalities that, if misused, could compromise user privacy and security.

Here are some of the most dangerous Android app permissions:

  • Location Access: This permission allows apps to track the user’s precise location using GPS and network information. While some apps genuinely need this permission for features like maps and location-based services, malicious apps could misuse this data for stalking, surveillance, or targeted advertising
  • Camera and Microphone Access: Granting an app access to your device’s camera and microphone poses significant privacy risks. Malicious apps with such permissions could spy on users, capture sensitive information, or record audio and video without consent.
  • SMS and Call Log Access:

Source…

Microsoft Discovers Nimbuspwn Privilege Escalation Vulnerability on Linux Systems Granting Hackers Root Permissions

/in


Microsoft discovered a privilege escalation vulnerability in Linux environments that could allow an attacker to take over computer systems.

The vulnerabilities collectively referred to as Nimbuspwn could be chained together to gain root privileges, allowing an attacker to create backdoors, deploy malicious payloads, and perform root code execution.

Microsoft says Nimbuspwn vulnerabilities could potentially be leveraged as a vector for ransomware deployment and other sophisticated threats, including nation-state cyber-espionage.

Nimbuspwn Linux privilege escalation vulnerability explained

Microsoft 365 defender research team began by listening to messages on the system bus leading them to review the code for the networkd-dispatcher.

They discovered information leaks via Directory Info Disclosure in Blueman and Directory Info Disclosure in PackageKit (CVE-2022-0987). Further probes led to the discovery of more issues on the networkd-dispatcher whose daemon runs at boot with root privileges.

A review of networkd-dispatcher code led to the discovery of directory traversal, symlink race, and time-of-check-time-of-use race conditions.

Microsoft says the networkd-dispatcher daemon used the “_run_hooks_for_state” method to discover and run scripts depending on the network state.

The method returns executable script files from the “/etc/networkd-dispatcher/.d” owned by the root user and the root group. The daemon then runs each script using the subprocess.Popen process.

Vulnerabilities in the networkd-dispatcher components:

  • The use of symbolic links – Microsoft discovered that the subprocess.Popen follows symbolic links in the discovery and running of scripts in the base directory.
  • Directory traversal vulnerability (CVE-2022-29799) – Microsoft discovered that the control flow fails to sanitize the OperationalState and the AdministrativeState states. Since the states are responsible for creating the executable script paths, an attacker could escape the “/etc/networkd-dispatcher” directory using the “../../” directory traversal patterns.
  • Time-of-check-time-of-use race condition (CVE-2022-29800) – Microsoft discovered a time gap between the discovery and execution of the root…

Source…

Android 11 Will Help You Rein In Zombie App Permissions – WIRED

/in
  1. Android 11 Will Help You Rein In Zombie App Permissions  WIRED
  2. Android 11 Beta is live: What’s new and how to download it now  Tom’s Guide
  3. Android 11 Beta goes live for Google Pixel phones with Device Controls API, Bubble notifications, and much more  XDA Developers
  4. The first Android 11 beta just landed  Android Authority
  5. View Full Coverage on read more

“android security news” – read more