Forwarded from ๐ ๐๐ข๐ช ๐๐จ๐ ๐ฃ (๐ ๐๐ข๐ช๐ป๐ฎ ๐
)
Rooting and Security: Busting the Myth
Thereโs a common myth floating around that rooting your Android device automatically makes it insecure. This is simply not true. Rooting doesnโt magically give others access to your device; itโs only you, the device owner, who has control. When done right, rooting can even enhance security.๐ญ ๐ญ ๐ซ โญ ๐ซ
Hereโs why:
When you root your device, youโre essentially unlocking a level of control over the system. This means you can deny or grant specific apps permissions to access deeper system files. You manage what apps can or canโt do, which provides more control over what runs on your phone.
You can root your device while keeping SELinux (Security-Enhanced Linux) enforcement on, which is a security feature designed to prevent unauthorized access.
Using (cRom) inbuilt PIF / module & some close source modues like shamiko, zygisk next & trickystore modules allows your device to pass Googleโs SafetyNet (the security feature designed to detect root) & PI. you can use apps like Netflix or Payment apps, which normally refuse to work compromised devices.
Rooting can also let you take control of your privacy. For example, you can block intrusive ads, nuke bloatwares, limit what information apps can access, or even block trackers that collect data on your behavior. The list goes on & on....
In short, if you know what you're doing, rooting your device doesn't necessarily weaken its security and can be just as secure, if not more, than a stock device. Itโs all about how you manage root access and use the proper tools.
๐ ๐๐ข๐ช ๐๐จ๐ ๐ฃ
Thereโs a common myth floating around that rooting your Android device automatically makes it insecure. This is simply not true. Rooting doesnโt magically give others access to your device; itโs only you, the device owner, who has control. When done right, rooting can even enhance security.
Hereโs why:
Root Permissions:
When you root your device, youโre essentially unlocking a level of control over the system. This means you can deny or grant specific apps permissions to access deeper system files. You manage what apps can or canโt do, which provides more control over what runs on your phone.
SELinux Support:
You can root your device while keeping SELinux (Security-Enhanced Linux) enforcement on, which is a security feature designed to prevent unauthorized access.
Attestation & Integrity:
Using (cRom) inbuilt PIF / module & some close source modues like shamiko, zygisk next & trickystore modules allows your device to pass Googleโs SafetyNet (the security feature designed to detect root) & PI. you can use apps like Netflix or Payment apps, which normally refuse to work compromised devices.
Improved Privacy:
Rooting can also let you take control of your privacy. For example, you can block intrusive ads, nuke bloatwares, limit what information apps can access, or even block trackers that collect data on your behavior. The list goes on & on....
In short, if you know what you're doing, rooting your device doesn't necessarily weaken its security and can be just as secure, if not more, than a stock device. Itโs all about how you manage root access and use the proper tools.
However, while this optimistic view is valid for users who take care, it's also essential to recognize some downsides (like potential risks, voided warranties, or the possibility of bricking your device) that come with rooting, as discussed earlier. Rooting doesn't automatically make your device less secure, but it does open up more potential for misuse, so itโs important to have a solid understanding
๐ ๐๐ข๐ช ๐๐จ๐ ๐ฃ
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from The Hacker News
๐จ Warning to Developers: Malicious Solana-related npm and PyPI packages are designed to steal #Solana private keys, drain wallets, and even delete your files.
Learn more: https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html
Learn more: https://thehackernews.com/2025/01/hackers-deploy-malicious-npm-packages.html
Forwarded from The Hacker News
๐ Data SecurityโNot Just About Visibility, But About CONTROL!
Satori secures ALL dataโnot just analytical. From production data to AI models, every data type is covered.
๐ก Key Benefits:
โคท Continuous discovery and classification of data across your organization
โคท Automated security policies that adapt to new data and users
โคท Instant alerts for misconfigurations or risky access
๐ Discover how Satori can automate and secure your data: https://thehackernews.com/2025/01/product-walkthrough-how-satori.html
Satori secures ALL dataโnot just analytical. From production data to AI models, every data type is covered.
๐ก Key Benefits:
โคท Continuous discovery and classification of data across your organization
โคท Automated security policies that adapt to new data and users
โคท Instant alerts for misconfigurations or risky access
๐ Discover how Satori can automate and secure your data: https://thehackernews.com/2025/01/product-walkthrough-how-satori.html
Forwarded from The Hacker News
๐ This week in cybersecurity: From nation-state attacks to cutting-edge malware, insider threats, and groundbreaking policies, the digital landscape is shifting fast.
Get the insights you need to stay secure and ahead of the curve.
Read: https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html
Get the insights you need to stay secure and ahead of the curve.
Read: https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_20.html
Forwarded from The Hacker News
๐จ Urgent: Notorious DoNot Team (APT-C-35) is behind a new Android malware campaign using a fake chat app, Tanzeem, to steal sensitive information.
๐ฑ Malware functionality: The app steals contacts, call logs, SMS, location, and more.
โก New tactic: Push notifications deliver additional malware, ensuring persistence on the device.
๐ Explore how this attack works: https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html
๐ฑ Malware functionality: The app steals contacts, call logs, SMS, location, and more.
โก New tactic: Push notifications deliver additional malware, ensuring persistence on the device.
๐ Explore how this attack works: https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html
Forwarded from The Hacker News
๐ด Multiple tunneling protocols, including GRE and IP6IP6, have vulnerabilities that could expose 4.2 million hosts to cyberattacks.
โ ๏ธ What attackers can do:
โคท Hijack your network
โคท Launch anonymous DoS/DDoS attacks
โคท Bypass security filters using trusted IPs
Find out more: https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html
โ ๏ธ What attackers can do:
โคท Hijack your network
โคท Launch anonymous DoS/DDoS attacks
โคท Bypass security filters using trusted IPs
Find out more: https://thehackernews.com/2025/01/unsecured-tunneling-protocols-expose-42.html
Forwarded from The Hacker News
๐จ CERT-UA is warning of ongoing social engineering attacks impersonating their agency via AnyDesk connection requests.
These malicious requests claim to conduct security audits, tricking users into trusting cyber attackers.
Explore the full details: https://thehackernews.com/2025/01/cert-ua-warns-of-cyber-scams-using-fake.html
These malicious requests claim to conduct security audits, tricking users into trusting cyber attackers.
Explore the full details: https://thehackernews.com/2025/01/cert-ua-warns-of-cyber-scams-using-fake.html
Forwarded from The Hacker News
Cybercriminals are leveraging a multi-stage loader, PNGPlug, hidden in seemingly legitimate software to target Chinese-speaking regions with ValleyRAT malware.
๐ Learn more: https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html
๐ Learn more: https://thehackernews.com/2025/01/pngplug-loader-delivers-valleyrat.html
Forwarded from The Hacker News
๐ Former CIA Analyst Pleads Guilty to Leaking Top Secret Info!
โคท Top Secret Documents leaked, including intel on Israel's military actions against Iran.
โคท How did he do it? Smuggled documents out of CIA headquarters in a backpack.
๐ Read more: https://thehackernews.com/2025/01/ex-cia-analyst-pleads-guilty-to-sharing.html
โคท Top Secret Documents leaked, including intel on Israel's military actions against Iran.
โคท How did he do it? Smuggled documents out of CIA headquarters in a backpack.
๐ Read more: https://thehackernews.com/2025/01/ex-cia-analyst-pleads-guilty-to-sharing.html
Forwarded from The Hacker News
A massive botnet powered by 13,000 hijacked MikroTik routers is sending malicious emails to bypass email protections and launch malware campaigns.
The attack leverages misconfigured DNS and SPF records, making it easier for threat actors to spoof legitimate domains.
Read the full analysis here: https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html
The attack leverages misconfigured DNS and SPF records, making it easier for threat actors to spoof legitimate domains.
Read the full analysis here: https://thehackernews.com/2025/01/13000-mikrotik-routers-hijacked-by.html
Forwarded from The Hacker News
Your appโs security should be resilient, not just protective.
Join Guardsquare's webinar to learn how to safeguard against evolving threats with multilayered protections without compromising performance or speed.
Register now: https://thn.news/multi-layered-app-protection-x
Join Guardsquare's webinar to learn how to safeguard against evolving threats with multilayered protections without compromising performance or speed.
Register now: https://thn.news/multi-layered-app-protection-x
Forwarded from The Hacker News
๐จ New Murdoc_Botnet Targets IoT Devices Worldwide!
Researchers have uncovered a massive botnet exploiting security flaws (CVE-2017-17215 & CVE-2024-7029) in AVTECH cameras and Huawei routers.
It has already infected 1,370+ devices since July 2024.
๐ Update your firmware, change default passwords, and secure your network now.
Find details here: https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html
Researchers have uncovered a massive botnet exploiting security flaws (CVE-2017-17215 & CVE-2024-7029) in AVTECH cameras and Huawei routers.
It has already infected 1,370+ devices since July 2024.
๐ Update your firmware, change default passwords, and secure your network now.
Find details here: https://thehackernews.com/2025/01/murdocbotnet-found-exploiting-avtech-ip.html
Forwarded from The Hacker News
๐ Details Emerge About BitLocker Flaw!
CVE-2025-21210 allows attackers to bypass BitLocker encryption by corrupting a registry key, which causes unencrypted hibernation images to be written to disk.
Learn more: https://thehackernews.com/2025/01/3-actively-exploited-zero-day-flaws.html#details-emerge-about-cve-2025-21210
CVE-2025-21210 allows attackers to bypass BitLocker encryption by corrupting a registry key, which causes unencrypted hibernation images to be written to disk.
Learn more: https://thehackernews.com/2025/01/3-actively-exploited-zero-day-flaws.html#details-emerge-about-cve-2025-21210
Forwarded from The Hacker News
๐ฃ CISA BOD 25-01 is here.
This latest directive outlines requirements to ensure that Microsoft 365 cloud environments and SaaS applications are safe and secure.
Get prepared to meet those essential compliance deadlines.
๐ Learn how federal civilian agencies can ensure SCuBA policy alignment: https://thn.news/o8o8sp2s
This latest directive outlines requirements to ensure that Microsoft 365 cloud environments and SaaS applications are safe and secure.
Get prepared to meet those essential compliance deadlines.
๐ Learn how federal civilian agencies can ensure SCuBA policy alignment: https://thn.news/o8o8sp2s
Forwarded from The Hacker News
โก Cloudflareโs latest report reveals the largest DDoS attack ever recorded โ 5.6 Terabits per second!
โคท Originated from over 13,000 IoT devices
โคท The attack targeted an ISP in Eastern Asia
๐ Learn more: https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html
โคท Originated from over 13,000 IoT devices
โคท The attack targeted an ISP in Eastern Asia
๐ Learn more: https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html
Forwarded from The Hacker News
โ ๏ธ Oracle has released its Critical Patch Update for January 2025, addressing a massive 318 security vulnerabilities across its products.
The most severe flaw could give attackers full control over affected systems.
Read the full update: https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html
The most severe flaw could give attackers full control over affected systems.
Read the full update: https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html
Forwarded from The Hacker News
๐จ Alert: A previously unknown China-linked APT group, PlushDaemon, has been linked to a 2023 supply chain attack targeting a South Korean VPN provider.
From screen recording to browser password harvesting โ this backdoor does it all.
Read more: https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html
From screen recording to browser password harvesting โ this backdoor does it all.
Read more: https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html
Forwarded from The Hacker News
๐ค 65% of security teams rely solely on pentest vendors for their reports. What happens when you canโt verify those reports?
โคท HackGATE fixes this by offering real-time visibility into pentest activities.
โคท Gain deeper insight into every test phase, ensuring quality and accountability.
Donโt just trust the reportโverify it!
โก See how HackGATE can help: https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html
โคท HackGATE fixes this by offering real-time visibility into pentest activities.
โคท Gain deeper insight into every test phase, ensuring quality and accountability.
Donโt just trust the reportโverify it!
โก See how HackGATE can help: https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html
Forwarded from The Hacker News
โ๏ธ U.S. President Trump pardons Ross Ulbricht, creator of the Silk Road darkweb marketplace, after 11 years behind bars.
Ulbrichtโs life sentence for trafficking and hacking is now officially void.
๐ Read the full article: https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html
Ulbrichtโs life sentence for trafficking and hacking is now officially void.
๐ Read the full article: https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html