Mobile Security News, Articles and Updates

Mobile malware a universal threat around the globe: Check Point

When it comes to avoiding mobile malware no company anywhere on the planet is immune.

Manhattan DA speaks on burden of hiring hackers to beat smartphone encryption

Cy Vance spoke on the lack of federal legislation to force tech giants to make exceptions in smartphone encryption for when judicial warrants are issued.

Researchers create mask that defeats iPhone Face ID feature

Barely one week after the highly anticipated launch of Apple's new iPhone X, security researchers are claiming they were able to defeat its Face ID facial recognition security feature using a carefully crafted mask worth approximately $150.

ToastAmigo malware uses new twist to attack Toast overlay vulnerability

A new malware has been uncovered that uses an updated methodology to abuse the previously patched Android Toast overlay vulnerability, which once installed, can download additional malware as well as use various permissions to access the phone.

Texas National Guard spent $373,000 on stingray equipment

The Texas National Guard last year spent more than $373,000 to install two of its DRT 1301C "portable receiver systems" in two RC-26 secretive surveillance aircraft.

Marcher banking trojan campaign attacks Austrians' finances three different ways

An attack campaign targeting Android users in Austria has been employing a unique trio of techniques to steal their funds: a credentials phishing web page, malicious banking app overlays, and credit card phishing screens.

Celebgate 3.0? WWE stars Paige and Jojo nudes leaked

WWE diva Paige has once again had her intimate photos leaked just a few weeks after a third man plead guilty for hacking into celebrity accounts.

iXintpwn/YJSNPI distributed in app stores once used to spread ZNIU

App stores that once distributed the rootkit malware used by ZNIU are now distributing a new iXintpwn/YJSNPI Variant.

Apple's machine learning can spot bra pics

A Twitter user is warning girls that Apple's machine learning is capable of categorizing images of women in their intimate apparel that are saved to a device.

Ramnit botnet spotted in Google Play but poses limited threat

In much the same way a forgotten land mine can cause injury years after it was planted and forgotten, researchers are noticing the Ramnit worm popping up on mobile devices two years after its main users were taken down.

Lieu, Markey introduce Cyber Shield Act of 2017 for IoT devices

A new bill designed to identify, verify, and label compliant Internet-of-Things (IoT) devices with strong cybersecurity standards has been introduced by two federal lawmakers.

T-Mobile API bug may have leaked customer account data

A bug within T-Mobile's wsg.t-mobile.com API may have allowed attackers to access customer data that can be used to carry out phishing attacks or worse.

Apple denies Bloomberg's claims of lowering iPhone X face-recognition accuracy

Apple is disputing claims that tech giant ordered manufacturers to lower the accuracy of its face-recognition to make the iPhone X easier to manufacture.

LokiBot Android Banking Trojan turns into ransomware in last ditch effort

An Android banking trojan dubbed LokiBot turns into a ransomware when users try to remove its admin privileges in a last ditch effort to extort the user.

FBI Director Wray: encryption kept agency from accessing 7,000 mobile devices

Encryption has kept the FBI from accessing 7,000 mobile devices, says FBI Director Christopher Wray.

Study finds 25 percent of financial service employee mobile devices unpatched

A recent Symantec report found 25 percent of financial service employee mobile devices have unpatched vulnerabilities.

Google Play bug bounty program aims to make Android apps safer

The program represents the first time top Android app developers are being asked establish public-facing vulnerability disclosure programs on the HackerOne platform...with Google Play picking up the tab for bonus bounties.

Android malware on Google Play grows botnets, launches DDoS attacks

The Sockbot malware has made its way into at least eight Apps in the Google Play Store with the intent of adding devices to botnets and performing DDoS attacks.

Secret Service nixes personal mobile devices in West Wing after Kelly hack

Hackers likely made their way into the personal mobile phone belonging to Chief of Staff Gen. John Kelly last December.

FBI does not have to reveal San Bernardino shooter iPhone hacking vendor

A federal judge has ruled that the Federal Bureau of Investigation does not have to reveal the vendor it hired nor the price paid to access to the iPhone 5C used by San Bernardino shooter Syed Rizwan Malik and his wife Tashfeen.

AI helping drive down Android malware infection ate

Artificial intelligence (AI) is taking off as Google's primary method of detecting malware effecting Android and is now detecting more than half of all issues discovered.

Apple's iOS 11 release prevents backdoor exploit on Wi-Fi chips

Apple's release of iOS 11 patched an out-of-bounds write vulnerability in Wi-Fi chips that, if exploited, could have allowed attackers within range to execute arbitrary code on the firmware.

Apple patches a potentially critical vulnerability with iOS 11.0.01 update

Apple's iOS 11.01 seems to have addressed previous problems that prevented users from sending emails from Outlook.com and Exchange accounts.

Cleartext passwords, and worse found among top 21 financial trading apps

IOActive Senior Security Consultant Alejandro Hernández analyzed 21 of the most used and well-known mobile trading apps.

Dirty Cow malware swipes payments, installs backdoor into Android devices

Malware called ZNIU that is based on CVE-2016-5195, aka Dirty COW, has been found in more than 1,200 malicious Android apps affecting 5,000 users in 40 countries more than a year after the vulnerability first became known.

Security analyst calls for duress codes that can wipe confiscated phones

The time has come for smartphones to come programmed with a duress code that wipes the device clean, in the event a border agent demands to search it, a veteran information security analyst has suggested in an op-ed piece.