Category: Mobile

April 15, 2024

Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy, dubbed ‘F_Warehouse,’ boasts a modular framework with extensive spying […]

April 3, 2024

The exploited flaws, tracked as CVE-2024-29745 and CVE-2024-29748, impact Pixel’s bootloader and firmware, Google notes in its advisory. The internet giant says it has indications that these two security defects “may be under limited, targeted exploitation,” without providing specific details […]

April 2, 2024

The FCC appears to finally be stepping up efforts to secure decades-old flaws in American telephone networks that are allegedly being used by foreign governments and surveillance outfits to remotely spy on and monitor wireless devices. At issue are the […]

April 1, 2024

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started […]

March 13, 2024

Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of the examples presented during the conference were […]

March 7, 2024

WhatsApp scams and text scams can deceive users into giving away personal information and trick them into paying money for fake services or products. According to Robokiller, there were 19.2 billion spam texts sent in January 2024 alone. This equates […]

February 15, 2024

Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first. A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB’s researchers, started distributing trojanized […]

January 5, 2024

The all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB server containing the sensitive details of its app users. The app, developed by NJ Technologies, an India-based software developer, has over half a million downloads on the […]

December 28, 2023

Kaspersky’s Global Research and Analysis Team (GReAT) has exposed a previously unknown “feature” in Apple iPhones that allowed malware to bypass hardware-based memory protection. Addressed as CVE-2023-38606, which was patched in July 2023, the issue affected iPhones running iOS versions […]

December 28, 2023

Cybersecurity researchers from McAfee hae uncovered over a dozen malicious apps lurking in the Google Play Store. The researchers claim these apps were carrying a potent piece of malware, capable of stealing sensitive data from the infected Android devices and […]

December 27, 2023

American mobile virtual network operator (MVNO) Mint Mobile has confirmed suffering a data breach affecting an unknown number of its customers. The company revealed the news in an email sent to its customers, in which it explained “We are writing […]

December 7, 2023

WhatsApp is officially giving users the ability to send out temporary voice messages to their contacts. We say “officially” because this feature has actually been around for the past two months or so although it was in a beta state. […]

December 5, 2023

Google December 2023 Android security updates addressed 85 vulnerabilities, including a critical zero-click remote code execution (RCE) flaw tracked as CVE-2023-40088. The vulnerability resides in Android’s System component, it doesn’t require additional privileges to be triggered. An attacker can exploit […]

November 7, 2023

Hackers have found a way to bypass Android’s “Restricted Settings” and install malware on a victim’s devices. Restricted Settings is a security feature first introduced in Android 13 that prevents apps downloaded from non-vetted sources (i.e. places other than the […]

October 27, 2023

Three years after Apple introduced a menu setting called Private Wi-Fi Address, a way to spoof network identifiers called MAC addresses, the privacy protection may finally work as advertised, thanks to a software fix. “To communicate with a Wi-Fi network, […]

October 25, 2023

Cybersecurity researchers from Kaspersky have revealed more details on TriangleDB, a piece of malware that targeted a zero-day vulnerability recently discovered in the iOS operating system. In a detailed technical writeup, Kaspersky said the malware contains at least four different […]

October 16, 2023

The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. The company launched an investigation into the claims after they have seen the vague viral reports alleging a zero-day vulnerability. “PSA: we have seen […]

October 6, 2023

It looks like the second coming of Spyhide was a short-lived one, with the infamous spyware now truly done and dusted. As reported by TechCrunch, the spyware’s back-end server, which survived the first shutdown intact (and was the reason why […]

September 26, 2023

Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google […]

September 22, 2023

57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) apps facing the highest risk, according to Digital.ai. The study found no correlation between an app’s popularity and likelihood of being attacked but found Android apps […]