Mobile Security news & analysis | SC Media

Mobile Security News and Analysis l SC Media

T-Mobile CEO John Legere

T-Mobile email vendor breach exposes info on customers, employees

A “sophisticated attack” at against T-Mobile’s email vendor gave an unauthorized third party access to some of the mobile provider’s employee email accounts that contained account information for T-Mobile customers and employees. The information may have included customer names and addresses, phone numbers, account numbers, rate plans and features, and billing information, the T-Mobile said in a…

Walgreens mobile app leaked PII, PHI on ‘small percentage’ of customers

A leak in the Walgreens mobile app’s messaging service exposed personal information – including what the company said was “limited health-related data” – on a “small percentage” of customers who used the app between Jan. 9-15. “Fortunately for consumers, the short exposure window of the vulnerability and the specific conditions required should keep the impact…

Huawei responds to allegations of NSA hacking

Justice Dept. expands Huawei indictment, charging 5G espionage

The U.S. government expanded its year-old lawsuit against Chinese tech firm Huawei, alleging the company conducted cyber espionage on six American competitors in an attempt to steal trade secrets to gain an unfair advantage. Filed in the federal court’s Southern District in Brooklyn, the indictment charges that Huawei’s activities violated racketeering laws by illegally gaining…

vote network security

Voatz mobile voting app vulnerable, MIT researchers say

On the heels of the voting app debacle during the Iowa Democratic caucuses, researchers at MIT have found multiple security- and privacy-related vulnerabilities in an online voting app, Voatz, used in West Virginia during the 2018 midterm elections and on track to be used again for the 2020 contests, according to a security audit released…

Malicious apps now post their own positive reviews on Google Play

The assault on Google’s Play Store continues with 30 malicious apps being revealed that have been downloaded hundreds of millions of times and having capabilities that have caused security firms suggesting end users take extraordinary steps to vet software prior to downloading. VPNpro and Trend Micro made public 24 and four apps, respectively, that are…

Analysis of popular apps finds rampant sharing of personal data

An analysis of 10 highly popular Android apps found what researchers are calling the “out of control” sharing of potentially sensitive information with third parties, in some cases in likely violation of Europe’s GDPR privacy regulations. The findings, which were published in a report issued by the Norwegian Consumer Council (NCC), prompted a coalition of…

iPhone's are also susceptible to hacking.

Federally funded Unimax smartphone pre-loaded with malware

The Unimax UMX U686CL is a Chinese-made smartphone distributed by the federally funded Assured Wireless by Virgin Mobile has been found to come pre-loaded with two malicious applications. Malwarebytes researchers found the malware every owner finds on their phone is Wireless Update and amazingly the device’s own Settings app, neither of which can be removed…

Two information-disclosing bugs found in Twitter Android

In the span of five days, reports of two Twitter Android app vulnerabilities have surfaced: one that could cause attackers to view nonpublic account information or control accounts, and another that reportedly allowed a researcher to look up details on 17 million accounts. In a Dec. 20 blog post, Twitter noted that it issued an…

Next post in Vulnerabilities