Mobile Security news & analysis | SC Media

Mobile Security News and Analysis l SC Media

Three apps claiming to improve Instagram exposed as an insta-scam


A trio of Android applications that supposedly helped Instagram account owners increase likes and followers, boost security and improve the overall user experience were actually stealing their usernames and passwords, Malwarebytes has reported. The apps, which were designed to target users based in Iran, had been available for download via the Google Play store as…

Security update removes hard-coded credentials from MyCar Controls app


Motor vehicle technology and equipment provider AutoMobility Distribution Inc. has updated its MyCar Controls telematics mobile application for iOS and Android in order to eliminate the use of insecure hard-coded credentials. The MyCar app offers geolocation services as well as remote start/stop and lock/unlock capabilities to vehicles that come with a compatible remote start unit.…

Galaxy S5 fingerprint scanner bypassed using old Apple Touch ID spoof

Researchers claim to trick Samsung Galaxy S10 fingerprint scanner using a 3D printed image


A Reddit user claims to have fooled the ultrasonic fingerprint scanner on the Samsung Galaxy S10 using a 3D printed image. Reddit user darkshark9 posted a video on imgur of what appears to be them pressing a small sheet of a 3D printed image against the phone’s fingerprint scanner and subsequently unlocking the device. The…


Freshmen hack high school WiFi to avoid a test


Two Secaucus, N.J., high school freshmen have been accused of allegedly knocking their school’s WiFi system offline possibly using a malware as a service deal to create the situation. The two 14-year-old boys were arrested last week and charged with computer criminal activity and conspiracy to commit computer criminal activity, according to CBS New York.…


Massively invasive Italian spyware campaign found on Google Play


The non-profit security organization Security Without Borders (SWB) has identified a campaign utilizing Italian-language service applications from mobile operators apps that instead of doing their stated function are in fact spyware. The groups report stated that dozens of infected apps had been found in the Google Play store with a possible download total in the…

Reports: Israeli officials’ devices hacked; data possessed by Iran


Hackers stole information from former Israeli prime minister Ehud Barak’s computer and phone months ago and sold it to Iran, according to multiple news outlets, citing a TV report by Israel’s Channel 12 this past weekend. The news reportedly broke several days after a separate Channel 12 story that said Iranian intelligence directly hacked the…

GCA, Mastercard partner on free cybersecurity toolkit for small business (Video)


Small businesses, which make up 99 percent of businesses globally and, on average, 70 percent, grapple with some of the same major cybersecurity challenges as large enterprises, only without the same resources. The Global Cyber Alliance (GCA) and Mastercard have teamed on a free Cybersecurity Toolkit aimed at helping smaller and medium-sized businesses. GCA President…

Malicious SDK installs SimBad adware on apps downloaded millions of times


The developers of 210 mobile applications found on the Google Play Store were apparently tricked into building their programs using a malicious software developer kit that secretly implanted adware in their apps. The apps, many of which were packaged as driving or racing simulator games, were downloaded nearly 150 million times by Android device users,…

Android officially adopts FIDO2 authentication standard as alternative to passwords


Google’s Android operating system is now certified to employ the FIDO2 open authentication standard, a development that could help owners of more than a billion Android devices phase out the use of passwords when logging in to online services. As an alternative to potentially insecure passwords, FIDO2 instead offers the option of using fingerprints or…

Report: Apple demands companies obtain consent before recording users’ app sessions


Apple has reportedly issued an ultimatum to companies that rely on “session replay” tools to track the way users interact with their iPhone apps: disclose the practice and seek explicit consent for it, or be removed from the app store. Apple’s mandate comes after a TechCrunch report last Wednesday revealed that Air Canada, Hollister, Expedia,…

Next post in Security News