Pierluigi Paganini
December 26, 2017
Researchers from the mobile security firm Lookout have discovered three fake Bitcoin wallet apps in the official Play store, Google promptly removed them. Experts from mobile security firm Lookout have discovered three fake Bitcoin wallet apps in the official Play store. The fake Bitcoin wallet apps were removed by Google Play after security researchers reported their discovery […]
Pierluigi Paganini
December 13, 2017
It has happened again, several banking Trojan samples have been found on Google Play, this time the malicious code targeted a number of Polish banks. The malware was disguised as seemingly legitimate apps “Crypto Monitor”, a cryptocurrency price tracking app, and “StorySaver”, a third-party tool for downloading stories from Instagram. The malicious code is able to display […]
Pierluigi Paganini
December 11, 2017
According to the firm Carbon Black, Android ransomware kits are very popular in the dark web, and the median price range for them hits $200. According to the firm Carbon Black, Android ransomware kits are very popular in the dark web, more than 5,000 Android ransomware kit listings have been discovered in 2017. Even if most ransomware kits are still focused […]
Pierluigi Paganini
December 09, 2017
Google fixed a bug dubbed Janus that could be exploited by attackers to inject malicious code into Android apps without affecting an app’s signature. Google fixed four dozen vulnerabilities this week, including a bug dubbed Janus that could be exploited by attackers to inject malicious code into Android apps without affecting an app’s signature verification certificates. Millions of Android […]
Pierluigi Paganini
December 07, 2017
Security experts discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. A group of security researchers has discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. The vulnerability was discovered by researchers of the Security and Privacy Group at the University […]
Pierluigi Paganini
December 06, 2017
Another day, another clamorous data breach, this time let’s discuss a data breach that exposes personal data collected by the Keyboard App AI.type. This story reminds us that every time we download an app we are enlarging our surface of attack, in the majority of cases we are not aware of exact amount of data they […]
Pierluigi Paganini
December 04, 2017
Google has expanded enforcement of Google’s Unwanted Software Policy waring Android developers to explicitly declare data collection behaviors. A few days ago, Google was caught collecting users’ location data even when location services were disabled, many privacy experts questioned the behavior of the tech giant. Google promptly admitted the practice and suspended it. Now Google made another move to […]
Pierluigi Paganini
November 16, 2017
Researchers from security firm ESET, discovered a multi-stage Malware dubbed Android/TrojanDropper.Agent.BKY that evaded Google Play detection. Security experts at ESET have discovered a multi-stage Android malware, tracked as Android/TrojanDropper.Agent.BKY, that was available for download in the official Google Play store. The researchers have found eight malicious applications in the official application store (MEX Tools, Clear Android, Cleaner for […]
Pierluigi Paganini
November 10, 2017
Trend Micro spotted TOASTAMIGO, the first known malware that uses the recently patched vulnerability that ties with the Toast Overlay attacks. Malware researchers at Trend Micro have spotted the first known strain of malware that triggers the recently patched vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. The vulnerability was discovered in September by security […]
Pierluigi Paganini
November 08, 2017
Android Security Bulletin—November 2017 – Google addresses critical vulnerabilities and high-risk KRACK flaws in Android OS. Google released the Android Security Bulletin—November 2017 that address 31 vulnerabilities, 9 of which are critical remote code execution flaws. The Android Security Bulletin includes three different security patch levels. The 2017-11-01 and 2017-11-05 patch levels contain fixes for both Critical […]
