(Adobe Stock)
Android devices on the latest version of the operating system were discovered to be impacted by a vulnerability that exposes DNS queries upon switching VPN servers despite the activation of the “Always-on VPN” functionality while blocking connections that do not have VPN, according to BleepingComputer.
Such a security flaw, which stems from the utilization of apps directly communicating with the getaddrinfo C function, enables DNS traffic leaks in the event of an active VPN without any DNS server or issues with the VPN app, said commercial VPN service Mullvad, which investigated the bug after being identified by one of its users.
“We have not found any leaks from apps that only use Android API:s such as DnsResolver. The Chrome browser is an example of an app that can use getaddrinfo directly. The above applies regardless of whether ‘Always-on VPN’ and ‘Block connections without VPN’ is enabled or not, which is not expected OS behavior and should therefore be fixed upstream in the OS,” said Mullvad, which noted that remediating the flaw is possible by establishing a fraudulent DNS server when the VPN app is active but stressed that the issue should be fixed directly by Google.
SC Staff
Threat actors have been distributing the novel Antidot Android banking trojan as fraudulent Google Play updates to facilitate credential compromise and other malicious actions, SecurityWeek reports.
SC Staff
The North Korea-linked Kimsuky hacking group has launched a new social engineering campaign targeting activists in the North Korean human rights and anti-North Korea sectors, The Hacker News reports.
David Balaban
Organizations must make software supply chain security a collaborative effort where everyone on the development team gets involved.
On-Demand Event
On-Demand Event
By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.
Your use of this website constitutes acceptance of CyberRisk Alliance Privacy Policy and Terms & Conditions.
About The Author
More Stories
Solving Crime Without Breaking Encryption
Community Snapshot—May
From Refugee to Digital Leader: How Justin Is Helping to Connect Rhino Camp