iOS, Android Vulnerabilities Found at HP’s Mobile Pwn2Own Event

One of the winners of HP’s prize money was for an exploit that leveraged NFC (near field communication) on a Samsung Galaxy Android smartphone. While the attack was delivered via NFC, it is important to note that the attack is not necessarily a vulnerability in NFC itself.

The winning team of researchers, from MWR Labs, used a technique first demonstrated by security research Charlie Miller earlier this year at the Black Hat USA event. Miller demonstrated that a feature known as Android Beam, which lets one user send an item to another without the need for the recipient to do anything, could be used to deliver an attack