Mobile Security news & analysis | SC Media

Mobile Security News and Analysis l SC Media

Bouncing Golf campaign takes swing at Android users with info-stealing malware

A newly discovered cyber espionage campaign has been targeting Android users in the Middle East with malware designed to steal scores of device information, snoop on victims and potentially take over mobile devices. Known as GolfSpy, the malware is found in once-legitimate applications that have been repackaged to contain malicious code, according to a June…

trojanhorse_1032765

Google reveals actors behind Triada trojan

An analysis by Google Security on the Triada malware family found a vendor going by the name of either Yehuo or Blazefire was most likely responsible for malware that came preinstalled on some Android phones. Google’s research revealed Triada was most likely implanted on a device during the manufacturing process when the vendor opted to…

applePatch

Apple patches AirPort Base Station Firmware

Apple released several patches to addressed several vulnerabilities in its 7.9.1 update concerning its AirPort Base Station Firmware. The update is available for AirPort Extreme and AirPort Time Capsule base stations with 802.11ac. The vulnerabilities that could allow a remote attacker to leak memory, cause a denial of service, cause arbitrary code execution, not delete…

Boost Mobile breached

Boost Mobile was hit with a breach which affected an unknown number of customer accounts. “Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” the company said in a notification. “The Boost Mobile fraud team discovered the incident and was able…

A research group recently exposed a flaw in SIM cards that allows attackers to compromise devices.

‘The Community’ hacking group members charged in SIM hijacking scheme

Nine members of The Community hacking group have been charged with aggravated identity theft, conspiracy to commit wire fraud and wire fraud related to a SIM hijacking campaign designed to steal cryptocurrency. Charged by the U.S. Attorney’s Office, Eastern District of Michigan are Conor Freeman, Ricky Handschumacher, Colton Jurisic, Reyad Gafar Abbas, Garrett Endicott and…

'KorBanker' steals SMS messages, takes authentication codes in the process

Researcher uncovered passwordless database used for SMS bombing

A researcher uncovered a massive SMS Bombing Operation in a passwordless database that exposed the sensitive information of millions of users. Security researcher Bob Diachenko discovered an open and unprotected MongoDB instance containing a massive amount of data including MD5 hashed emails, first and last names, location data, IP address, phone number, mobile network carrier…

Google unveils new controls for automatically deleting data after 3 or 18 months

Google on Wednesday announced an upcoming, privacy-friendly feature that will automatically delete user location history and web and app activity data after a specified period of time. The new controls will be rolled out in the coming weeks, Google revealed in a blog post authored by David Monsees, “Search” product manager, and Marlo McGriff, “Maps”…

Huawei responds to leaks detailing NSA hack of firm's networks

Backdoors found in Huawei-supplied Vodafone equipment

Huawei Technologies is facing yet another controversy, this time after security documents from Europe’s Vodafone noted that the Chinese firm supplied the carrier with hardware laden with security issues. Vodafone said it found backdoors in the software contained in Huawei home routers and optical service nodes. Such backdoors could allow Huawei to gain access to…

Next post in Mobile Security