Mobile

Pierluigi Paganini February 21, 2022
How SMS PVA services could undermine SMS-based verification

Crooks abuse some SMS PVA services that allow their customers to create disposable user accounts to conduct malicious activities. While investigating SMS PVA services (phone-verified account services), Trend Micro researchers discovered a rogue platform using a botnet of thousands of Android devices used to carry out malicious activities. SMS PVA services provide alternative mobile numbers […]

Pierluigi Paganini February 18, 2022
Google Privacy Sandbox promises to protect user privacy online

Google introduces Privacy Sandbox on Android aimed at leading to more private advertising solutions for mobile users. Google announced Privacy Sandbox on Android to limit user data sharing and prevent the use of cross-app identifiers. The company states that the Privacy Sandbox technologies are still in development. “Privacy Sandbox on Android will strengthen privacy, while […]

Pierluigi Paganini January 28, 2022
Finnish diplomats’ devices infected with Pegasus spyware

Finland Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group’s Pegasus spyware. Finland’s Ministry for Foreign Affairs revealed that the devices of some Finnish diplomats have been compromised with the infamous NSO Group’s Pegasus spyware. The diplomats were targeted with the popular surveillance software as part of a […]

Pierluigi Paganini January 25, 2022
Latest version of Android RAT BRATA wipes devices after stealing data

A new version of the BRATA malware implements a functionality to perform a factory reset of the device to wipe all data. The new version of the BRATA Android malware supports new features, including GPS tracking and a functionality to perform a factory reset on the device. Security experts at Kaspersky discovered the Android RAT […]

Pierluigi Paganini January 09, 2022
Swiss army asks its personnel to use the Threema instant-messaging app

The Swiss army has banned all instant messaging apps, including Signal, Telegram, and WhatsApp, recommending the use of the Threema app. The Swiss army has banned foreign instant messaging apps such as Signal, Telegram, and WhatsApp and only allows its members to use the Threema messaging app, which is developed in Switzerland. Threema is the instant […]

Pierluigi Paganini January 08, 2022
FluBot malware continues to evolve. What’s new in Version 5.0 and beyond?

Researchers warn of new campaigns distributing a new improved version of the FluBot malware posing as Flash Player. Researchers from F5 security are warning of a new enhanced version of the FluBot Android malware that that spread posed as Flash Player. A recent SMISHING campaign spotted by CSIRT KNF, FluBot targeted Polish users with a […]

Pierluigi Paganini January 06, 2022
North Korea-linked Konni APT targets Russian diplomatic bodies

North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The APT group carried out spear-phishing attacks using New Year’s […]

Pierluigi Paganini January 06, 2022
NoReboot persistence technique fakes iPhone shutdown

Researchers devised a sophisticated persistence technique, named NoReboot, for iOS malware that fake shut downs. Researchers from Zecops devised a sophisticated persistence technique, named NoReboot, for iOS malware that fake shut downs while spies on the user. The technique is based on the concept of simulating a shutdown of the iPhone when the victim attempts […]

Pierluigi Paganini January 03, 2022
‘doorLock’ – A persistent denial of service flaw affecting iOS 15.2 – iOS 14.7 

Expert found a new persistent DoS vulnerability, dubbed ‘doorLock,’ affecting the Apple HomeKit in iOS 14.7 through 15.2. Security researchers Trevor Spiniolas discovered a new persistent DoS vulnerability, dubbed ‘doorLock,’ affecting the Apple HomeKit in iOS 14.7 through 15.2. HomeKit is a software framework by Apple, made available in iOS/iPadOS that lets users configure, communicate […]

Pierluigi Paganini December 27, 2021
New Android banking Malware targets Brazil’s ItaĂș Unibanco Bank

Researchers analyzed a new Android banking malware that targets Brazil’s ItaĂș Unibanco that spreads through fake Google Play Store pages. Researchers from threat intelligence firm Cyble analyzed a new Android banking malware that targets Brazil’s ItaĂș Unibanco trying to perform fraudulent financial transactions on the legitimate ItaĂș Unibanco applications without the victim’s knowledge. Threat actors spread the malware using fake Google Play Store […]