TechCrunch reported that a working zero-day exploit for the popular WhatsApp can be paid millions of dollars. The research of zero-day exploits for popular applications such as WhatsApp is even more complex due to the security mechanisms implemented by the developers of the mobile OSs and the app. TechCrunch reported that a zero-day exploits for […]
Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple released emergency security updates to address a new zero-day vulnerability, tracked as CVE-2023-42824, that is exploited in attacks targeting iPhone and iPad devices. The vulnerability is a privilege escalation issue that resides in the Kernel, it was addressed […]
A new campaign is spreading Xenomorph malware to Android users in the United States, Spain, Portugal, Italy, Canada, and Belgium. Researchers from ThreatFabric uncovered a new campaign spreading Xenomorph malware to Android users in the United States and all over the world. In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play […]
Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution. These tools are used by criminals involved in online-banking theft to impersonate compromised account holders and […]
Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hinding spyware and spying on up to 1.5 million users. Both applications are file management apps from the same […]
Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. “There are indications that the following may be under limited, targeted exploitation.” reads the security bulletin. The CVE-2023-26083 is […]
Apple rolled out security updates to address actively exploited zero-day flaws in iOS, iPadOS, macOS, watchOS, and Safari. Apple addressed a set of vulnerabilities in iOS, iPadOS, macOS, watchOS, and the Safari browser that were actively exploited in the wild. The IT giant addressed the zero-day vulnerabilities, tracked as CVE-2023-32434 and CVE-2023-32435, exploited as part […]
June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked […]
Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile […]
Researchers devised an attack technique, dubbed BrutePrint Attack, that allows brute-forcing fingerprints on smartphones to bypass authentication. Researchers have devised an attack technique, dubbed BrutePrint, that allows to brute-force fingerprints on smartphones to bypass user authentication. The attack technique exploits two zero-day vulnerabilities, called Cancel-After-Match-Fail (CAMF) and Match-After-Lock (MAL), in the smartphone fingerprint authentication (SFA) […]