Mobile

Pierluigi Paganini March 10, 2023
Latest version of Xenomorph Android malware targets 400 banks

A new version of the Xenomorph Android malware includes a new automated transfer system framework and targets 400 banks. The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store […]

Pierluigi Paganini March 01, 2023
Canada is going to ban TikTok on government mobile devices

The Canadian government announced it will ban the video app TikTok from all government-issued devices over security concerns. Canada is going to ban the popular Chinese video-sharing app TikTok from the mobile devices of its employees over security concerns. The app will be removed from government devices this week. The app “presents an unacceptable level […]

Pierluigi Paganini February 23, 2023
The European Commission has banned its staff from using TikTok over security concerns

The European Commission has banned its employees from using the Chinese social media app TikTok over security concerns. The European Union has banned the popular Chinese video-sharing app TikTok from the mobile devices of its employees over security concerns. The app developed by the Chinese firm ByteDance has over 1 billion active users worldwide, it […]

Pierluigi Paganini February 20, 2023
Samsung announces Message Guard feature to neutralize zero-click attacks

Samsung introduces a new protection feature called Message Guard to protect users from zero-click malware attacks. Samsung announced the implementation of a new security feature called Message Guard that aims at protecting users from malicious code that can be installed via zero-click attacks. Zero-click exploits allow attackers to compromise the target device without any user interaction, for example, a […]

Pierluigi Paganini February 10, 2023
Android mobile devices from top vendors in China have pre-installed malware

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. China is currently the country with the largest number of Android mobile devices, but a recent study conducted by researchers from the University of Edinburgh and the Trinity College of Dublin revealed that top-of-the-line Android devices sold in the country […]

Pierluigi Paganini January 23, 2023
Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads

Apple has backported the security updates for the zero-day vulnerability CVE-2022-42856 to older iPhones and iPads. On December 2022, Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The IT giant released security bulletins for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1. Apple addressed […]

Pierluigi Paganini January 23, 2023
Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code

Researchers found two flaws in Samsung Galaxy Store that could be exploited to install applications or achieve code execution on the devices. Researchers from cybersecurity firm NCC Group published technical details on two vulnerabilities, tracked as CVE-2023-21433 and CVE-2023-21434, in Samsung Galaxy Store that could be exploited to install applications or execute malicious JavaScript code. […]

Pierluigi Paganini January 15, 2023
1.7 TB of data stolen from digital intelligence firm Cellebrite leaked online

1.7 TB of data stolen from Cellebrite, a digital intelligence company that provides tools for law enforcement, were leaked online. The Israeli mobile forensics firm Cellebrite is one of the leading companies in the world in the field of digital forensics, it works with law enforcement and intelligence agencies worldwide. One of the most popular services provided […]

Pierluigi Paganini January 10, 2023
StrongPity APT spreads backdoored Android Telegram app via fake Shagle site

The StrongPity APT group targeted Android users with a trojanized version of the Telegram app served through a website impersonating a video chat service called Shagle. ESET researchers reported that StrongPity APT group targeted Android users with a trojanized version of the Telegram app. The campaign has been active since November 2021, threat actors served the malicious app […]

Pierluigi Paganini December 26, 2022
GuLoader implements new evasion techniques

Cybersecurity researchers exposed new evasion techniques adopted by an advanced malware downloader called GuLoader. CrowdStrike researchers d a detailed multiple evasion techniques implemented by an advanced malware downloader called GuLoader (aka CloudEyE). GuLoader uses a polymorphic shellcode loader to avoid traditional security solutions, the experts mapped all embedded DJB2 hash values for every API used by the […]