
CISA issues Samsung smartphone security update warning.
SOPA Images/LightRocket via Getty Images
Following the recent confirmation that hackers exploited a critical zero-day vulnerability in Samsung’s Android image processing library to install Landfall smartphone spyware during attacks, America’s Cyber Defense Agency and the U.S. national coordinator for critical infrastructure security and resilience, CISA, has urged all organisations to update as soon as possible. Some federal agencies have a mandatory obligation to update within 21 days.
Ensure Your Samsung Is Updated Against CVE-2025-21042
As I reported on November 8, attackers have been confirmed as being successful in using a zero-day vulnerability within the Samsung Android image processing library, CVE-2025-21042, to install spyware on smartphones.
Security researchers from the Palo Alto Networks Unit 42 group published an in-depth analysis of the attacks, detailing how CVE-2025-21042 was exploited in the wild before being patched by Samsung in April. This was no ordinary malware, either; this was commercial-grade spyware of the highest order. It’s understood that the attacks started as early as July 2024, and had been in operation for months until finally being patched by Samsung.
Unit 42 said that CVE-2025-21042 was not the first and is unlikely to be the last vulnerability that may be exploited by Landfall or similar spyware exploits. I’ve approached Samsung for a statement.
Update Your Samsung Devices Now, By Order Of CISA
If you have already applied that update, sit back and relax: you’re fully covered against any risk from this Landfall attack. However, if you are among those organizations who haven’t, for whatever reason, then CISA wants to have an urgent word: update now. OK, two words, but you get the idea.
CISA has added the CVE-2025-21042 flaw to the Known Exploited Vulnerabilities catalog, which means it’s now officially flagged as actively exploited, and Federal Civilian Executive Branch agencies are legally mandated to secure their Samsung devices within 21 days or stop using them.
“Although BOD 22-01 only applies to FCEB agencies,” CISA said, “CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice.” So, Samsung users, what to do and when to do it. What are you waiting for?


