Mobile

Pierluigi Paganini July 31, 2021
Android Banking Trojan Vultur uses screen recording for credentials stealing

Experts spotted a new strain of Android banking Trojan dubbed Vultur that uses screen recording and keylogging for the capturing of login credentials. ThreatFabric researchers discovered a new Android banking Trojan, tracked as Vultur, that uses screen recording and keylogging to capture login credentials. Vultur was first spotted in late March 2021, it gains full […]

Pierluigi Paganini July 20, 2021
WiFiDemon – Recently discovered iPhone Wi-Fi bug could also allow RCE

A recently discovered iPhone Wi-Fi bug that could crash the WiFi connectivity could be exploited by attackers to achieve remote code execution. In June, the researcher Carl Schou discovered a new bug in iPhone that can permanently break users’ WiFi by disabling it, the issue could be triggered by simply connecting to a rogue hotspot.  Once an […]

Pierluigi Paganini July 16, 2021
New enhanced Joker Malware samples appear in the threat landscape

The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to evade scanners. Experts reported an uptick in malicious Android apps on the official Google Play store laced with the Joker mobile trojan. The Joker malware is a malicious code camouflaged as a system app and […]

Pierluigi Paganini May 20, 2021
A dozen Android apps exposed data of 100M+ users

Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers from Check Point have discovered 23 Android applications that exposed the personal data of more than 100 million users due to misconfigurations of third-party cloud services. The experts pointed out that the misconfiguration also expose […]

Pierluigi Paganini May 19, 2021
Google addresses 4 zero-day flaws in Android exploited in the wild

Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the wild. Android Security Bulletin for May 2021 security updates address four zero-day vulnerabilities, tracked as CVE-2021-1905, CVE-2021-1906, CVE-2021-28663 and CVE-2021-28664, that were actively exploited in the wild. The four vulnerabilities impact Qualcomm GPU and Arm […]

Pierluigi Paganini May 17, 2021
Android stalkerware, a danger for victims and stalkers

ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common Android stalkerware apps are affected with vulnerabilities that could expose the privacy and security of the victims. Mobile stalkerware, also known as spouseware, is used by a stalker to spy on a victim, it allows […]

Pierluigi Paganini May 12, 2021
TeaBot Android banking Trojan targets banks in Europe

Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in Europe. Malware experts from the Italian cybersecurity firm Cleafy have spotted a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in Spain, Germany, Italy, Belgium, and the Netherlands. TeaBot malware appeared […]

Pierluigi Paganini May 11, 2021
Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015

Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. Documents provided in a court case that sees Epic Games v. Apple Inc. revealed that the XcodeGhost malware impacted 128 million iOS users. Epic Games filed a lawsuit against Apple in a California court over its violation of terms of […]

Pierluigi Paganini May 06, 2021
Qualcomm bug impacts about 30% of all smartphones

A high severity flaw, tracked as CVE-2020-11292, affects Qualcomm Mobile Station Modem chips used by around 30% of all smartphones worldwide Researchers from Checkpoint have discovered a buffer overflow vulnerability, tracked as CVE-2020-11292, in the Qualcomm Mobile Station Modem that can be exploited by attackers to trigger memory corruption and execute arbitrary code on the […]

Pierluigi Paganini April 22, 2021
Cellebrite ‘s forensics tool affected by arbitrary code execution issue

Cellebrite mobile forensics tool Ufed contains multiple flaws that allow arbitrary code execution on the device, SIGNAL creator warns. Moxie Marlinspike, the creator of the popular encrypted messaging app Signal, announced that Cellebrite mobile forensics tools developed by Cellebrite are affected by multiple vulnerabilities that could be exploited to achieve arbitrary code execution. Cellebrite develops […]