mobile

Pierluigi Paganini December 12, 2024
Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from […]

Pierluigi Paganini November 08, 2024
iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile […]

Pierluigi Paganini September 21, 2024
OP KAERB: Europol dismantled phishing scheme targeting mobile users

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform. The organization operated a phishing-as-a-service (PhaaS) platform called iServer, which had over […]

Pierluigi Paganini May 30, 2024
Experts found a macOS version of the sophisticated LightSpy spyware

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, […]

Pierluigi Paganini May 03, 2024
Dirty stream attack poses billions of Android installs at risk

Microsoft devised an attack technique, dubbed ‘Dirty Stream,’ impacting widely used Android applications, billions of installations are at risk. Microsoft is warning Android users about a new attack technique, named Dirty Stream, that can allow threat actors to take control of apps and steal sensitive data. The IT giant describes Dirty Stream as an attack pattern, […]

Pierluigi Paganini February 06, 2024
Google fixed an Android critical remote code execution flaw

Google released Android ’s February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution issue. Google released Android February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution flaw tracked as CVE-2024-0031. The vulnerability resides in the System and impacts Android Open Source Project (AOSP) versions 11, […]

Pierluigi Paganini January 05, 2024
MyEstatePoint Property Search Android app leaks user passwords

The MyEstatePoint Property Search app leaked data on nearly half a million of its users, exposing their names and plain-text passwords, the Cybernews research team has found. The all-in-one real estate app MyEstatePoint Property Search left a publicly accessible MongoDB server containing the sensitive details of its app users. The app, developed by NJ Technologies, […]

Pierluigi Paganini December 09, 2023
5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips

A set of flaws, collectively called 5Ghoul, in the firmware implementation of 5G mobile network modems from major vendors impacts Android and iOS devices. A team of researchers from the Singapore University of Technology and Design discovered a set of security vulnerabilities in the firmware implementation of 5G mobile network modems from major chipset vendors. The […]

Pierluigi Paganini December 08, 2023
Android barcode scanner app exposes user passwords

An Android app with over 100k Google Play downloads and a 4.5-star average rating has let an open instance go unchecked, leaving sensitive user data up for grabs. The Cybernews team discovered the Android app Barcode to Sheet leaking sensitive user information and enterprise data stored by app creators. Barcode to Sheet has over 100k […]

Pierluigi Paganini October 16, 2023
Signal denies claims of an alleged zero-day flaw in its platform

Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation. The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. The company launched an investigation into the claims after they have seen the vague viral reports alleging a zero-day vulnerability. “PSA: […]