April 25, 2023
Via: The Hacker NewsSearch giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) to the cloud. “This change means […]
April 18, 2023
Via: The Hacker NewsA new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, […]
April 14, 2023
Via: The Hacker NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below – CVE-2023-20963 (CVSS score: 7.8) – Android Framework Privilege […]
April 11, 2023
Via: The Hacker NewsMalicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. “The most popular application categories to hide malware and unwanted software include […]
March 24, 2023
Via: Help Net SecurityBrivo expands its mobile credential options by introducing support for employee badges in Apple Wallet. Brivo corporate customers can enable employees to add their employee badge to Apple Wallet and simply hold their iPhone or Apple Watch near a reader […]
February 27, 2023
Via: SecurelistFigures of the year In 2022, Kaspersky mobile products and technology detected: 1,661,743 malicious installers 196,476 new mobile banking Trojans 10,543 new mobile ransomware Trojans Trends of the year Mobile attacks leveled off after decreasing in the second half of […]
February 24, 2023
Via: The Hacker NewsAn investigation into data safety labels for Android apps available on the Google Play Store has uncovered “serious loopholes” that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its […]
February 20, 2023
Via: Security WeekIt’s not uncommon for sophisticated threat actors to target users with exploits that can be triggered without any interaction from the victim. As an example, Samsung described a scenario where a hacker sends the targeted user a specially crafted image […]
January 30, 2023
Via: TechRadarThe Google Play Store has been home to a growing number of suspicious activities in recent months, new research has found. A study by Dr.Web found a large number of fake apps and trojans designed to subscribe victims to paid […]
January 23, 2023
Via: TechRadarResearchers have uncovered a huge network of fake apps running fake ads, mainly on iOS devices. The operation was named ‘Vastflux’ in reference to its use of the Video Ad Serving Template specification, as well as the fast-flux technique to […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
January 23, 2023
Via: The Hacker NewsTwo security flaws have been disclosed in Samsung’s Galaxy Store app for Android that could be exploited by a local attacker to stealthily install arbitrary apps or direct prospective victims to fraudulent landing pages on the web. The issues, tracked […]
January 17, 2023
Via: Help Net SecurityCloudSEK launched the BeVigil app to provide users with detailed information about the security and privacy practices of their mobile apps. With the BeVigil App, users can search for apps by name and view detailed information about the app’s security […]
Hacker, Mobile, Mobile security, Threats & Malware
January 10, 2023
Via: The Hacker NewsThe advanced persistent threat (APT) group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. “A copycat website, mimicking the Shagle service, […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
January 3, 2023
Via: Security WeekHuawei smartphones and other devices ran Android until 2019, when the US government barred American companies from selling software and technology to the Chinese firm. Later that year, Huawei unveiled its new HarmonyOS operating system, which works on a wide […]
Mobile, Mobile security, Threats & Malware, Virus & Malware
December 15, 2022
Via: The Hacker NewsA previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices. Mobile security company Zimperium dubbed the activity MoneyMonger, pointing out the use of the cross-platform […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
December 14, 2022
Via: Security WeekApple announced on November 30 that an advisory for iOS 16.1.2 would be released in the coming days. The advisory was published two weeks later, on Patch Tuesday, and it’s unclear why the tech giant waited for so long to […]
December 8, 2022
Via: TechRadarApple has announced new features aimed at improving the cybersecurity protections for its customers, both consumers and businesses, including Security Keys, an ability to use third-party physical keys to protect data sitting in the iCloud platform. “For users who opt […]
Mobile, Mobile security, Threats & Malware, Virus & Malware
December 1, 2022
Via: The Hacker NewsMore than 300,000 users across 71 countries have been victimized by a new Android threat campaign called the Schoolyard Bully Trojan. Mainly designed to steal Facebook credentials, the malware is camouflaged as legitimate education-themed applications to lure unsuspecting users into […]
Mobile, Mobile security, Threats & Malware, Virus & Malware
November 30, 2022
Via: The Hacker NewsA malicious Android SMS application found on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide range of platforms like Facebook, Google, and WhatsApp. The app, named Symoo […]
Hacker, Mobile, Mobile security, Threats & Malware
November 28, 2022
Via: Security WeekAn advanced persistent threat (APT) actor focused on cyberespionage, Bahamut was initially detailed in 2017, but continues to be active, leveraging a fake online empire of social media personas, websites, and applications, which has allowed it to fly under the […]