Mobile

Pierluigi Paganini November 23, 2017
Google gathers Android users’ location data even when location services are disabled

Google is secretly gathering location data from billions of Android users, the news is disconcerting and once again raise the debate about user’s privacy. The disconcerting discovery was made by researchers from Quartz. Big G has been caught collecting location data on every Android device owner in the past 11 months. The worse news is that the […]

Pierluigi Paganini November 22, 2017
Lazarus APT uses an Android app to target Samsung users in the South Korea

The North Korea linked group Lazarus APT has been using a new strain of Android malware to target smartphone users in South Korea. The hacking campaign was spotted by McAfee and Palo Alto Networks, both security firms attributed the attacks to the Hidden Cobra APT. The activity of the Lazarus APT Group surged in 2014 and 2015, its […]

Pierluigi Paganini November 21, 2017
BankBot Trojan bypasses again security checks implemented by Google for the Play Store

Experts from several security firms has spotted two new malware campaigns targeting Google Play Store users, once of them spreads the BankBot Trojan. Once again crooks succeeded in publishing a malware in the official Google Play Store deceiving the anti-malware protections implemented by the tech giant. A team composed of security experts from several security […]

Pierluigi Paganini November 20, 2017
A bug in the Android MediaProjection service lets hackers to record audio and screen activity on 77% of all devices

A flaw in the Android MediaProjection service could be exploited by an attacker to record audio and screen activity on around 77.5% of all Android devices. A vulnerability affecting Android smartphones running Lolipop, Marshmallow, and Nougat (Around 77.5% of all Android devices)  could be exploited by an attacker to record audio and screen activity. The vulnerability resides […]

Pierluigi Paganini November 16, 2017
Multi-Stage Android/TrojanDropper.Agent.BKY Malware bypasses Google Play detection once again

Researchers from security firm ESET, discovered a multi-stage Malware dubbed Android/TrojanDropper.Agent.BKY that evaded Google Play detection. Security experts at ESET have discovered a multi-stage Android malware, tracked as Android/TrojanDropper.Agent.BKY, that was available for download in the official Google Play store. The researchers have found eight malicious applications in the official application store (MEX Tools, Clear Android, Cleaner for […]

Pierluigi Paganini November 14, 2017
A Backdoor in OnePlus devices allows root access without unlocking bootloader

Expert discovered a backdoor in OnePlus devices that allows root access without unlocking the bootloader. Other problems for the owners of the OnePlus smartphone, this time experts discovered a backdoor that allows root access without unlocking the bootloader. Just over a month after OnePlus was caught collecting personally identifiable information on its users, the Chinese smartphone company has been […]

Pierluigi Paganini November 14, 2017
Experts bypass ultra secure Apple iPhone X Face ID with a 3D-Printed mask

A group of researchers hacked Apple iPhone X Face ID facial recognition technology by using a 3D-Printed Mask that costs less than $150. On November 3, Apple released its new iPhone X and a few days later a group of researchers from Vietnamese cybersecurity firm Bkav has claimed to have hacked Apple’s Face ID facial recognition technology by using […]

Pierluigi Paganini November 10, 2017
TOASTAMIGO – the first known strain of malware that uses the Toast Overlay exploit

Trend Micro spotted TOASTAMIGO, the first known malware that uses the recently patched vulnerability that ties with the Toast Overlay attacks. Malware researchers at Trend Micro have spotted the first known strain of malware that triggers the recently patched vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. The vulnerability was discovered in September by security […]

Pierluigi Paganini November 08, 2017
Android Security Bulletin—November 2017 – Google addresses critical flaws and high-risk KRACK vulnerabilities in Android

Android Security Bulletin—November 2017 – Google addresses critical vulnerabilities and high-risk KRACK flaws in Android OS. Google released the Android Security Bulletin—November 2017 that address 31 vulnerabilities, 9 of which are critical remote code execution flaws. The Android Security Bulletin includes three different security patch levels. The 2017-11-01 and 2017-11-05 patch levels contain fixes for both Critical […]

Pierluigi Paganini November 04, 2017
Fake WhatsApp app in official Google Play Store downloaded by over a million Android users

A fake WhatsApp version deployed on the Play Store was downloaded by over a million users, a failure for the automated checks implemented by Google. Once again crooks exploited the official Google’s Play Store as a repository for malicious apps. This time a fake WhatsApp version was used to infect over a million users that […]