Mobile Security News, Articles and Updates

70 percent of mobile devices of top networks vulnerable, study

More than 70 percent of mobile devices on five major U.S. carriers are susceptible to breach due to unpatched devices, according to a recent study.

Tacoma fined second time for withholding Stingray data

For the second time this month, the city of Tacoma, Wash. was fined for withholding information concerning its use of Stingray devices.

Nearly a million Minecraft players feel like blockheads after installing fake mod apps

A spate of malicious apps falsely posing as mod programs for the popular world-building game Minecraft were downloaded by users roughly 990,000 times on Google Play before they were reported earlier this month.

Imperva Incapsula warns of rapidly strengthening DDoS attacker capabilities

Incapsula, Imperva's DDoS experts, have said US, UK and Netherlands top attacked countries, drew 74.9 percent of all attacks.

Demi Lovato nudes leaked, scammer targets private citizens for sex shows

A spearphishing scammer demanded a sex show from a private citizen after obtaining the victim's email credentials.

Hackers threaten to wipe iPhones following iCloud breach

Hackers, purporting to be part of a Turkish crime family, are threatening to remotely wipe 200 million iPhones following an alleged breach of iCloud security.

Flaw in McDonald's mobile app in India delivers not so tasty options

A flaw in a mobile app is leading to some unappetizing offerings for McDonald's customers in India.

Trump Tower, Clinton email investigation info on stolen Secret Service agent's laptop

While authorities recovered a black bag marked with the Secret Service log and some coins, a scramble was on to find the laptop, which contained sensitive information related to national security.

Wishy-washy security? Wishbone mobile app breached

Wishbone, a mobile app that is especially popular with teenage girls, suffered a data breach in August 2016 that compromised 9.4 million records, 2.2 million of which were registered with unique email addresses.

Researchers hack Fitbits and other IoT devices using sound

A group of researchers from the University of Michigan and the University of South Carolina were able to develop a series of attacks that manipulate devices using sound

WhatsApp, Telegram users susceptible to hack, Check Point

Researchers have uncovered what they term a "severe vulnerability" in WhatsApp and Telegram, two enormously popular apps that use end-to-end encryption enabling users to communicate privately.

Android Devices pre-loaded with malware signal fault in supply chain

Check Point has discovered dozens of Android devices that were received with malware preloaded onto them which were possibly infected on their way through the Android supply chain.

Autonomous warfare: Call of Duty meets Pokemon Go?

Pentagon Strategic Capabilities Office Director Will Roper envisions the future of autonomous warfare looking like Pokemon Go.

Old iOS vulnerability spotted in Nintendo Switch browser

A researcher has already found an old vulnerability in the Nintendo Switch which could allow remote attackers to execute arbitrary code.

New Hampshire House approve Stingray legislation

The New Hampshire House unanimously approved a bill restricting warrantless stingray surveillance.

Researchers warn augmented mobile and open source = malware opportunity

ESET researchers warn that augments mobile applications plus open source platforms like Google's open could be a recipe for clever malware to come.

Flash Seats ticketing app users could get scalped by a MITM attack

The Flash Seats Mobile App for iOS, a sports and entertainment ticket management app, is vulnerable to man-in-the-middle attacks due to improper validation of SSL certificates provided by HTTPS connections.

Uber free ride bug nets $5,000 bounty

Independent researcher Anand Prakash spotted a glitch that could allow users to book a free ride from anywhere Uber is available.

Version of Facebook Lite app weighed down by Spy FakePlay mobile malware

A version of the social media mobile app Facebook Lite, most likely available via third-party sites in China, was found infected with malware that can steal personal information, Malwarebytes reported on Monday.

Mobile malware attacks hit new heights in 2016: Kaspersky Labs

The number of malicious installation packages found striking mobile devices more than tripled in 2016 resulting in almost 40 million attacks by malicious mobile malware during the year, according to Kaspersky Labs.

132 Google Play apps found containing malicious iframes

Researchers with Palo Alto Networks today reported finding 132 Android apps on Google Play whose HTML code was injected with hidden, malicious iframes, likely due to malware infecting a development platform used by the apps' creators.

Only 1.2% of Android phones have the most up-to-date version of the OS

Just 1.2 percent of Android phones have the most up-to-date version of the operating system installed.

German researchers find flaws in nine major password managers

TeamSIK has published a security assessment of nine popular password management applications on Android devices and found them all to contain security vulnerabilities. All vulnerabilities have been patched prior to publication.

White House cybersecurity policy? Anyone? Anyone?

The White House may be inscrutable when it comes to cybersecurity and privacy, but if the Trump-Abe tete-a-tete in Mar-a-Lago proved anything, it's that the administration needs a BYOD policy. Stat. Teri Robinson opines.

Fragmentation-nation: only 1.2% of Android devices use latest OS

With such low adoption rates of the latest security patches, security bods have said it is increasingly difficult to protect Android users who might not be tech-savvy enough out of harm's way.

Cellebrite celebrates: Israeli firm can now open iPhone 6 and 6 plus

The mobile forensics company Cellebrite is slowly catching up with its abilities to exfiltrate data from mainstream mobile phones, and has come under criticism for selling its technology to autocratic regimes.

Fingerprints to unlock iPhone? Judge says no.

A federal judge in Chicago issued an opinion last week that would deny the government's attempt to force Apple device owners from providing a fingerprint to unlock their device.

Kaspersky: Banking malware attacks up 30.6% in 2016; finance sector phishing also more prevalent

The number of cyberattacks targeting financial institutions and their customers soared to new heights in 2016, according to Kaspersky Lab, which observed nearly 1.09 million banking trojan attacks on users in 2016.