David Shamah reports:
For the second time in a month, an Israeli team has uncovered a major security breach built in smartphone hardware that millions of users depend upon – and expect to be safe to use. A joint team of researchers from Israeli cyber security firms Cynet and BugSec announced their find on Thursday.
Just three weeks ago, the same team unveiled a security flaw allowing hackers to breach through firewalls and control computers and laptops.
[…]
The vulnerability allows hackers to use a JavaScript routine to run server side code, allowing them to extend the reach of code to take control of a device. In a blog post, the researchers detail and demonstrate how they were able to grab phone numbers and ID information out of a phone’s memory, access a phishing site with a device’s browser to download malware, or even to run a denial of service hack attack against a web site – directly from the device, without its owner even being aware of what was going on.
Read more on Times of Israel.