A malicious actor has been leveraging a Google Chrome browser exploit to deliver malvertisements to iOS users, including a campaign earlier this month during which 500 million user sessions were exposed to a session hijacking attack. Dubbed eGobbler by researchers at Confiant, the threat actor from April 6-10 ran a massive operation consisting of eight…
A trio of Android applications that supposedly helped Instagram account owners increase likes and followers, boost security and improve the overall user experience were actually stealing their usernames and passwords, Malwarebytes has reported. The apps, which were designed to target users based in Iran, had been available for download via the Google Play store as…
Motor vehicle technology and equipment provider AutoMobility Distribution Inc. has updated its MyCar Controls telematics mobile application for iOS and Android in order to eliminate the use of insecure hard-coded credentials. The MyCar app offers geolocation services as well as remote start/stop and lock/unlock capabilities to vehicles that come with a compatible remote start unit.…
A Reddit user claims to have fooled the ultrasonic fingerprint scanner on the Samsung Galaxy S10 using a 3D printed image. Reddit user darkshark9 posted a video on imgur of what appears to be them pressing a small sheet of a 3D printed image against the phone’s fingerprint scanner and subsequently unlocking the device. The…
Two Secaucus, N.J., high school freshmen have been accused of allegedly knocking their school’s WiFi system offline possibly using a malware as a service deal to create the situation. The two 14-year-old boys were arrested last week and charged with computer criminal activity and conspiracy to commit computer criminal activity, according to CBS New York.…
The non-profit security organization Security Without Borders (SWB) has identified a campaign utilizing Italian-language service applications from mobile operators apps that instead of doing their stated function are in fact spyware. The groups report stated that dozens of infected apps had been found in the Google Play store with a possible download total in the…
Hackers stole information from former Israeli prime minister Ehud Barak’s computer and phone months ago and sold it to Iran, according to multiple news outlets, citing a TV report by Israel’s Channel 12 this past weekend. The news reportedly broke several days after a separate Channel 12 story that said Iranian intelligence directly hacked the…
Small businesses, which make up 99 percent of businesses globally and, on average, 70 percent, grapple with some of the same major cybersecurity challenges as large enterprises, only without the same resources. The Global Cyber Alliance (GCA) and Mastercard have teamed on a free Cybersecurity Toolkit aimed at helping smaller and medium-sized businesses. GCA President…
The developers of 210 mobile applications found on the Google Play Store were apparently tricked into building their programs using a malicious software developer kit that secretly implanted adware in their apps. The apps, many of which were packaged as driving or racing simulator games, were downloaded nearly 150 million times by Android device users,…
Google’s Android operating system is now certified to employ the FIDO2 open authentication standard, a development that could help owners of more than a billion Android devices phase out the use of passwords when logging in to online services. As an alternative to potentially insecure passwords, FIDO2 instead offers the option of using fingerprints or…
