Mobile, Mobile security, Threats & Malware, Virus & Malware
April 15, 2024
Via: The Hacker NewsCybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy, dubbed ‘F_Warehouse,’ boasts a modular framework with extensive spying […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
April 3, 2024
Via: Security WeekThe exploited flaws, tracked as CVE-2024-29745 and CVE-2024-29748, impact Pixel’s bootloader and firmware, Google notes in its advisory. The internet giant says it has indications that these two security defects “may be under limited, targeted exploitation,” without providing specific details […]
April 2, 2024
Via: The RegisterThe FCC appears to finally be stepping up efforts to secure decades-old flaws in American telephone networks that are allegedly being used by foreign governments and surveillance outfits to remotely spy on and monitor wireless devices. At issue are the […]
Mobile, Mobile security, Threats & Malware, Virus & Malware
April 1, 2024
Via: The Hacker NewsThe Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started […]
March 7, 2024
Via: Panda SecurityWhatsApp scams and text scams can deceive users into giving away personal information and trick them into paying money for fake services or products. According to Robokiller, there were 19.2 billion spam texts sent in January 2024 alone. This equates […]
February 15, 2024
Via: The RegisterCybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first. A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB’s researchers, started distributing trojanized […]
January 5, 2024
Via: Security AffairsThe all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB server containing the sensitive details of its app users. The app, developed by NJ Technologies, an India-based software developer, has over half a million downloads on the […]
December 28, 2023
Via: The RegisterKaspersky’s Global Research and Analysis Team (GReAT) has exposed a previously unknown “feature” in Apple iPhones that allowed malware to bypass hardware-based memory protection. Addressed as CVE-2023-38606, which was patched in July 2023, the issue affected iPhones running iOS versions […]
December 28, 2023
Via: TechRadarCybersecurity researchers from McAfee hae uncovered over a dozen malicious apps lurking in the Google Play Store. The researchers claim these apps were carrying a potent piece of malware, capable of stealing sensitive data from the infected Android devices and […]
December 7, 2023
Via: TechRadarWhatsApp is officially giving users the ability to send out temporary voice messages to their contacts. We say “officially” because this feature has actually been around for the past two months or so although it was in a beta state. […]
December 5, 2023
Via: Security AffairsGoogle December 2023 Android security updates addressed 85 vulnerabilities, including a critical zero-click remote code execution (RCE) flaw tracked as CVE-2023-40088. The vulnerability resides in Android’s System component, it doesn’t require additional privileges to be triggered. An attacker can exploit […]
November 7, 2023
Via: TechRadarHackers have found a way to bypass Android’s “Restricted Settings” and install malware on a victim’s devices. Restricted Settings is a security feature first introduced in Android 13 that prevents apps downloaded from non-vetted sources (i.e. places other than the […]
October 25, 2023
Via: TechRadarCybersecurity researchers from Kaspersky have revealed more details on TriangleDB, a piece of malware that targeted a zero-day vulnerability recently discovered in the iOS operating system. In a detailed technical writeup, Kaspersky said the malware contains at least four different […]
October 16, 2023
Via: Security AffairsThe popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. The company launched an investigation into the claims after they have seen the vague viral reports alleging a zero-day vulnerability. “PSA: we have seen […]
October 6, 2023
Via: TechRadarIt looks like the second coming of Spyhide was a short-lived one, with the infamous spyware now truly done and dusted. As reported by TechCrunch, the spyware’s back-end server, which survived the first shutdown intact (and was the reason why […]
September 26, 2023
Via: Security AffairsResearchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google […]
September 22, 2023
Via: Help Net Security57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) apps facing the highest risk, according to Digital.ai. The study found no correlation between an app’s popularity and likelihood of being attacked but found Android apps […]
September 6, 2023
Via: The Hacker NewsGoogle has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case […]
Cyber-crime, Malware, Mobile, Mobile security
August 31, 2023
Via: Help Net SecurityESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the China-aligned APT group GREF. Most likely active since July 2020 and since July 2022, respectively […]
August 23, 2023
Via: The Hacker NewsA Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. “These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device’s camera, location, and microphone,” […]