mobile

Pierluigi Paganini November 24, 2020
Baidu Android apps removed from Play Store because caught collecting user details

Two Baidu Android apps have been removed from the Google Play Store in October after they’ve been caught collecting sensitive user details. Two apps belonging to Chinese tech giant Baidu, Baidu Maps and Baidu Search Box, have been removed from the Google Play Store at the end of October after they’ve been caught collecting sensitive […]

Pierluigi Paganini November 05, 2020
Apple addresses three actively exploited iOS zero-days

Apple released iOS 14.2 that addressed three zero-day vulnerabilities in its mobile OS that have been abused in attacks in the wild. Apple has addressed three iOS zero-day vulnerabilities actively exploited in attacks the wild and affecting iPhone, iPad, and iPod devices. The zero-day vulnerabilities have been fixed by the IT giant with the release of iOS […]

Pierluigi Paganini October 09, 2020
New MalLocker.B ransomware displays ransom note in innovative way

Microsoft warns of Android ransomware that activates when you press the Home button Microsoft spotted a new strain of Amdroid ransomware tracked as MalLocker.B that activates when the users press the Home button. Researchers from Microsoft spotted a new strain of Android ransomware that abuses the mechanisms behind the “incoming call” notification and the “Home” […]

Pierluigi Paganini September 19, 2020
Hijacking nearby Firefox mobile browsers via WiFi by exploiting a bug

Mozilla addressed a bug that can be exploited by attackers to hijack all the Firefox for Android browsers that share the same WiFi network. Mozilla has addressed a vulnerability that can be abused by attackers to hijack all the Firefox for Android browsers on the same WiFi network and force them to visit malicious sites, […]

Pierluigi Paganini September 18, 2020
Rampant Kitten ‘s arsenal includes Android malware that bypasses 2FA

Security researchers discovered Android malware capable of bypassing 2FA that was developed by an Iran-linked group dubbed Rampant Kitten Security researchers from Check Point discovered an Android malware, developed by an Iran-linked group dubbed Rampant Kitten, that is able to bypass 2FA. Rampant Kitten has been active at least since 2014 and was involved in […]

Pierluigi Paganini September 03, 2020
Is the Belarusian government behind the surveillance Android app banned by Google?

Google has removed an app from the Play Store that was used by the Belarusian government to spy on anti-government protesters. Google has removed the app NEXTA LIVE (com.moonfair.wlkm) from the official Play Store because it was used by the Belarusian government to spy on anti-government protesters. The malicious app remained in the store for almost […]

Pierluigi Paganini August 11, 2020
Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

A researcher found multiple flaws in Samsung’s Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. The security researcher Pedro Umbelino from Portugal-based cybersecurity services provider Char49 discovered multiple vulnerabilities in Samsung’s Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy […]

Pierluigi Paganini August 05, 2020
NSA releases a guide to reduce location tracking risks

The United States National Security Agency (NSA) is warning of risks posed by location services for staff who work in defence or national security. The United States National Security Agency (NSA) published a new guide to warn of the risks posed by location services for staff who work in defence or national security. The guide, titled […]

Pierluigi Paganini July 10, 2020
Pre-Installed malware spotted on other Android phones sold in US

Researchers from Malwarebytes have found yet another phone with pre-installed malware via the Lifeline Assistance program sold in the United States. Researchers at Malwarebytes have found malware pre-installed on smartphones sold in the United States, this is the second time as documented in a report published in January. In January, Malwarebytes researchers discovered that the […]

Pierluigi Paganini June 15, 2020
Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. Researchers at cybersecurity firm Positive Technologies Security have discovered several vulnerabilities in communication protocol GPRS Tunnelling Protocol (GTP), that is used by mobile network operators (MNOs). Threat actors could exploit these flaws to conduct several […]