Android apps with scores of downloads serve up annoying ads, unwanted...
Hundreds of millions of Android devices have potentially been compromised by malicious adware and ad fraud apps that on the surface appear to offer harmless services such as selfie filters, weather...
View ArticleMagecart card-skimming group targets L7 routers used by high-traffic locales
A prominent Magecart cybercriminal group appears to be testing card-skimming code capable of compromising commercial-grade layer 7 (L7) routers used by airports, casinos, hotels and resorts,...
View ArticleIllegal gambling apps snuck into Apple and Google stores
Google and Apple recently removed hundreds of apps from their respective app stores after being informed they were actually fronts for gambling operations. While it’s not unusual to find malicious...
View ArticleApple updates software, fixes flaw affecting third-party keyboard apps
Apple last week released a series of software updates that repaired vulnerabilities in iOS, iPadOS, macOS Mojave, macOS High Sierra, macOS Sierra, watchOS, tvOS, Apple TV Software and Safari. This...
View ArticleNew checkm8 exploit can jailbreak millions of iOS devices
An independent researcher who goes by the Twitter handle axi0mX has discovered and published an iOS jailbreak exploit that applies to hundreds of millions of devices and cannot be patched. Named...
View ArticleCriminals’ security lapses enable discovery of Geost mobile banking trojan
Thanks in no small part to the perpetrators’ own sloppy operational security, researchers have uncovered a large Android banking trojan scheme that may have impacted hundreds of millions of Russians....
View ArticleKernel privilege escalation bug actively exploited in Android devices
Researchers have discovered a zero-day kernel privilege escalation bug that can result in the full compromise of certain Android devices and is apparently being exploited in the wild. Devices known to...
View ArticleiPhone jailbreakers lured to click fraud site
A cybergang has created a malicious website that dangles the reward of being able to jailbreak an iPhone, but instead injects the device with click fraud malware. The threat actors use the legitimate...
View ArticleUC Browser potentially endangers 500 million users
The popular Android browser UC Browser was found to break several Google mobile app rules possibly placing up to 500 million of its users at risk. UC Browser, which is available from the Google Play...
View ArticleGoogle Play adware campaign taken down, developer identified
A year-long investigation by ESET of an adware campaign found 42 apps on Google Play that had been downloaded 8 million times, along with the Vietnamese malicious actor behind the scheme. The campaign...
View ArticleXhelper ad dropper adds to its list of victims
There has been a surge in activity surrounding the Xhelper Android ad dropper, with more than 45,000 devices being infected since the malware made its first appearance six months ago. In the past...
View ArticleFacebook sues surveillance tool provider and hosts of hacking websites
Facebook this week filed a lawsuit against a reputed spyware provider that allegedly exploited a WhatsApp vulnerability to enable smartphone hacking, and also pursued legal action against the domain...
View ArticleMalicious keyboard app capable of making illegal purchases
A keyboard app that has been downloaded more than 40 million times has rung up millions of dollars in fraudulent charges by secretly making premium purchases on a targeted device. The mobile security...
View ArticleFreaking lasers can carry voice commands to smart devices
A pair of Japanese researchers have discovered that laser light can be used to send “voice” commands to a wide variety of smart phones and home voice assistants effectively taking control of the...
View ArticlePatched bug allows beaming of malicious apps to NFC-enabled Android devices
Google last month patched an Android bug that could allow attackers to transfer a malicious application to a nearby NFC-enabled device via the Android Beam feature, bypassing security mechanisms in...
View ArticleHuawei meeting with bug bounty hackers
Huawei, the subject of a U.S. government ban amid allegations that China might force the company to spy on others, will reveal a bug bounty program for its mobile devices and new HarmonyOS operating...
View ArticleGoogle forms App Defense Alliance
Google has announced the creation of the App Defense Alliance, a collaboration of the search giant and three cybersecurity firms to vet apps prior to being placed in the Google Play Store. To...
View ArticleClik here to view.
Imaginative attack scenarios elicit intrigue at NYU’s CSAW cyber event
Using AI to create artificial fingerprints that can unlock strangers’ phones… abusing electric vehicle charging stations to overwhelm the power grid… exploiting 3D printer technology to execute an...
View Article49 Google Play app titles found to deliver pesky ads
Researchers recently uncovered 49 adware-laced Android apps that were downloaded from the Google Play store more than 3 million times, collectively, before they were reportedly removed. Many of the...
View ArticleSystem bug gives Facebook access to iPhone cameras
A bug in the latest version of iOS opens iPhone cameras as users peruse their Facebook feeds, letting the social media giant access the cameras. “We have seen no evidence of photos or videos being...
View Article
