Pierluigi Paganini July 08, 2023
Google addressed 3 actively exploited flaws in Android

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. “There are indications that the following may be under limited, targeted exploitation.” reads the security bulletin. The CVE-2023-26083 is […]

Pierluigi Paganini June 22, 2023
Apple addressed actively exploited zero-day flaws in iOS, macOS, and Safari

Apple rolled out security updates to address actively exploited zero-day flaws in iOS, iPadOS, macOS, watchOS, and Safari. Apple addressed a set of vulnerabilities in iOS, iPadOS, macOS, watchOS, and the Safari browser that were actively exploited in the wild. The IT giant addressed the zero-day vulnerabilities, tracked as CVE-2023-32434 and CVE-2023-32435, exploited as part […]

Pierluigi Paganini June 07, 2023
June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked […]

Pierluigi Paganini June 07, 2023
+60,000 Android apps spotted hiding adware for past six months

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile […]

Pierluigi Paganini May 30, 2023
BrutePrint Attack allows to unlock smartphones with brute-forcing fingerprint

Researchers devised an attack technique, dubbed BrutePrint Attack, that allows brute-forcing fingerprints on smartphones to bypass authentication. Researchers have devised an attack technique, dubbed BrutePrint, that allows to brute-force fingerprints on smartphones to bypass user authentication. The attack technique exploits two zero-day vulnerabilities, called Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL), in the smartphone fingerprint authentication (SFA) […]

Pierluigi Paganini May 19, 2023
Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and […]

Pierluigi Paganini April 15, 2023
New Android malicious library Goldoson found in 60 apps +100M downloads

A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The third-party library can perform ad fraud by clicking advertisements […]

Pierluigi Paganini April 01, 2023
CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Five of the issues added by CISA to its catalog are part of the exploits used by surveillance […]

Pierluigi Paganini February 20, 2023
Samsung announces Message Guard feature to neutralize zero-click attacks

Samsung introduces a new protection feature called Message Guard to protect users from zero-click malware attacks. Samsung announced the implementation of a new security feature called Message Guard that aims at protecting users from malicious code that can be installed via zero-click attacks. Zero-click exploits allow attackers to compromise the target device without any user interaction, for example, a […]

Pierluigi Paganini February 10, 2023
Android mobile devices from top vendors in China have pre-installed malware

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. China is currently the country with the largest number of Android mobile devices, but a recent study conducted by researchers from the University of Edinburgh and the Trinity College of Dublin revealed that top-of-the-line Android devices sold in the country […]