Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

vendredi 13 septembre 2019

Simjacker Vulnerability Impacting up to 1 Billion Phone Users (CERT-EU Security Advisory 2019-020)

AdaptiveMobile Security have uncovered a new and previously undetected vulnerability and associated exploits, called Simjacker. This vulnerability is currently being actively exploited. The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to "take over" the mobile phone to retrieve and perform sensitive commands. During the attack, the user is completely unaware that they received the attack, that information was retrieved, and that it was successfully exfiltrated.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 501


Événements SSI