Mobile Archives - Page 13 of 90

Pierluigi Paganini April 17, 2023

New QBot campaign delivered hijacking business correspondence

Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware. In early April, Kaspersky experts observed a surge in attacks that QBot malware attacks (aka Qakbot, QuackBot, and Pinkslipbot). QBot has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials, and other […]

Pierluigi Paganini April 15, 2023

New Android malicious library Goldoson found in 60 apps +100M downloads

A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The third-party library can perform ad fraud by clicking advertisements […]

Pierluigi Paganini April 15, 2023

CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added Android and Novi Survey flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: Google addressed the vulnerability CVE-2023-20963 with the release of “The Android Security Bulletin—March 2023” security updates. The […]

Pierluigi Paganini April 13, 2023

A flaw in the Kyocera Android printing app can be abused to drop malware

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware. Such kinds of flaws expose a resource to the wrong control sphere, providing unintended actors with inappropriate […]

Pierluigi Paganini April 12, 2023

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. The victims include journalists, political opposition figures, and an NGO worker […]

Pierluigi Paganini April 11, 2023

Apple released emergency updates to fix recently disclosed zero-day bugs on older devices

Apple released updates to backport patches addressing two actively exploited zero-day vulnerabilities in older iPhones, iPads, and Macs. Apple has released emergency updates to backport security patches that address two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. On April 7, 2023, Apple has released emergency security updates to address two actively exploited zero-day […]

Pierluigi Paganini April 01, 2023

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Five of the issues added by CISA to its catalog are part of the exploits used by surveillance […]

Pierluigi Paganini March 23, 2023

Nexus, an emerging Android banking Trojan targets 450 financial apps

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications. The Nexus ransomware was first analyzed in early March by researchers from the […]

Pierluigi Paganini March 20, 2023

Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images

The Acropalypse flaw in the Markup tool of Google Pixel allowed the partial recovery of edited or redacted screenshots and images. Security researchers Simon Aarons and David Buchanan have discovered a vulnerability, named ‘Acropalypse,’ in the Markup tool of Google Pixel. The Markup tool is a built-in Markup utility, released with Android 9 Pie that […]

Pierluigi Paganini March 16, 2023

Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack

Google’s Project Zero hackers found multiple flaws in Samsung ’s Exynos chipsets that expose devices to remote hack with no user interaction. White hat hackers at Google’s Project Zero unit discovered multiple vulnerabilities Samsung ’s Exynos chipsets that can be exploited by remote attackers to compromise phones without user interaction. The researchers discovered a total […]

Mobile

New QBot campaign delivered hijacking business correspondence

New Android malicious library Goldoson found in 60 apps +100M downloads

CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog

A flaw in the Kyocera Android printing app can be abused to drop malware

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Apple released emergency updates to fix recently disclosed zero-day bugs on older devices

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Nexus, an emerging Android banking Trojan targets 450 financial apps

Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images

Baseband RCE flaws in Samsung’s Exynos chipsets expose devices to remote hack

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

UK NCA arrested four people over M&S, Co-op cyberattacks

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

Qantas data breach impacted 5.7 million individuals

DoNot APT is expanding scope targeting European foreign ministries

QUICK LINKS

Mobile

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!