Mobile Security news & analysis | SC Media
Skip to navigation Skip to main content

Mobile Security News and Analysis l SC Media

hotel
Cybercrime, Malware, Mobile Security, Retail, Security News, Web Services Security, E-Commerce Security, Website/Web Server Security

Hotel websites infected with skimmer via supply chain attack

By
Publish Date

A Magecart card-skimming campaign this month sabotaged the mobile websites of two hotel chains by executing a supply chain attack on a third-party partner, researchers have reported. The third party in both instances was Roomleader, a Barcelona-based provider of digital marketing and web development services. One of the ways Roomleader helps hospitality companies build out…

APTs/cyberespionage, Cybercrime, Malware, Mobile Security, Security News

Reports say China devised iPhone malware campaign to track Muslims; Android and Windows devices also targeted

By
Publish Date

A recently exposed malware campaign that used watering-hole attacks to target iPhone users for more than two years was reportedly part of an effort to track Uyghur Muslims based in China’s Xinjiang state. The campaign was actually broader than originally thought, and attempted to infect Android and Microsoft Windows devices as well, reports are also…

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5
APTs/cyberespionage, Cybercrime, Malware, Mobile Security, Security News

Watering-hole attack campaign designed to infect iOS users via exploit chains

By
Publish Date

Researchers at Google’s Project Zero yesterday lifted the curtain on a long-running mobile malware operation that for years attempted to infect iOS device users with a malware implant, using exploits delivered via a small number of compromised websites. In an online blog post report, Google researcher Ian Beer did not reveal the specific websites that…

mobile security
Mobile Security, Security News

AhMyth –based malicious app found in Google Play

By
Publish Date

A new type of Android-centric spyware has been found that is capable of avoiding Google’s app-vetting process. Malicious actors have placed the spyware in an app, called Radio Balouch, aka RB Music, which does in fact deliver on its advertised promise of playing Balouchi-style music, a traditional music that encompasses classical, semi-classical, and folk music…

AppleMalware2
Mobile Security, Security News, Vulnerabilities

iOS 12.4 update reintroduced old bug, enabling jailbreak for current devices

By
Publish Date

Apple’s latest iOS update reportedly undid a patch that was introduced in the previous release, a mistake that allowed a security researcher to publish a jailbreak for the most up-to-date version of the operating system. The unpatched vulnerability is CVE-2019-8605, an arbitrary code execution bug caused by a use-after-free condition. Working in tandem with Google…

trojanhorse_1032765
Cybercrime, Malware, Mobile Security, Security News

Trojanized apps containing ad fraud malware downloaded 102M times

By
Publish Date

Two related ad fraud malware programs, recently discovered in 34 trojanized Android applications, have already been downloaded roughly 102 million times from the Google Play store, researchers reported. Dubbed Android.Click.312.origin and Android.Click.313.origin, the malicious clicker trojans appear to be designed primarily to sign users up for paid premium services without their consent, according to a…

Mobile Security, Security News, Vulnerabilities

Apple to expand bug bounty program, offer researchers access to iOS, iPhones

By
Publish Date

Apple is drastically overhauling its bug bounty program, eliminating its invitation-only status, increasing its rewards, expanding it to include MacOS and other operating systems, and even agreeing to supply qualified researchers with special iPhones that are easier to probe for vulnerabilities. Apple’s head of security engineering Ivan Krstic announced these changes last week at the…

Next post in Security News