Mobile Security News, Articles and Updates

Apple iOS patches Wi-Fi remote memory corruption bug

A researcher spotted an iOS memory corruption vulnerability which could allow an attacker to seize control of a user's device.

CopyCat adware uses Amazon Web Services, APK segmentation to evade detection

The CopyCat adware that infected over 14 million Android devices employs evasion techniques to avoid detection, including the use of Amazon Web Services and the segmentation of malicious APK files.

Android 7.1 Nougat version comes with hidden "panic detection"

Android 7.1 Nougat contains a secret panic mode designed to be triggered in the event that malware locks a user's screen.

Apple accused of playing cheap with its bug bounty

Researchers accuse Apple of playing cheap with its bug bounty payout offerings.

SpyDealer Android malware hitting smartphones in Asia

SpyDealer was discovered by Palo Alto Networks, and while it has the potential to be quite dangerous, there are several mitigating factors that have helped limit the malware's impact.

Trio of Lenovo Vibe vulnerabilities can lead to device rooting

Lenovo VICE mobile phones running on Android Lollipop and earlier versions contain three vulnerabilities that allow rooting of the device.

Linux malware gaining favor among cybercriminals

Linux malware is becoming a more important tool for cybercriminals as these individuals focus a greater portion of their attention on attacking IoT devices running the open-source operating system.

Variant of Marcher Android malware poses as Flash Player update

Developers of the Android banking malware Marcher are now disguising the trojan as an Adobe Flash Player update, the cloud security company Zscaler has reported in a Thursday blog post.

Samsung left millions at risk by not renewing domain, patches Magician

Samsung Magician recently patched a flaw which could allow an attacker to execute arbitrary code but a separate flaw may have left millions at risk all because of an renewed domain.

Mobile device hackers step up their game with chain attacks

Cybercriminals have moved to a new level when attacking mobile devices replacing their simplistic attack methods with sophisticated and stealthier models that now use chain attacks instead of one of the older one-trick pony hacks that simply tried to elevate privileges, according to Checkpoint.

Google ups reward for Android bugs to $200K

Google has pumped up its Android Security Rewards program, with as much as $200,000 being granted for its top prize.

Data incident at Stephenville Medical & Surgical Clinic in Texas

An unnamed employee in the Medical Records Department mistakenly sent a spreadsheet containing data on former patients.

Trump's cellphone calls may be heard by more people than just other world leaders

Security around the president's cellphone communications was tighter during the Obama administration when the then-leader had to relinquish certain apps on his Blackberry and access to his number restricted to just a few people.

Judy in Disguise: Mobile malware posing as Android apps downloaded up to 36.5M times

A pair of campaigns designed to spread ad fraud malware through supposedly innocuous Android applications generated between 8.5 million and 36.5 million downloads before Google removed the apps from its online store.

Samsung Galaxy S8 iris scanner hacked with simple cheat

Chaos Computer Club hackers have found a way to cheat biometric verification on Samsung Galaxy S8

Google adds more security with Play Protect app

Google will roll out a new security tool called Google Play Protect over the next few weeks to all Android users.

Worth it? Android users make $0.05 profit infecting themselves with Ztorg trojan

A malware operation reportedly has been tricking millions of Android device owners into infecting themselves with the Ztorg rootkit trojan by enticing them with offers from ad networks and apps that pay users for installing content.

Unraveling mobile banking malware, Check Point

Banking malware targeting mobile users requires little tech know-how to develop and operate, so it stands as a recurrent battle for security professionals.

Scam found pushing unwanted apps that can intercept texts

A new scam has been spotted that uses legitimate porn sites to spread potentially unwanted apps.

WhatsApp scam offers free Netflix, but steals info and commits SMS fraud

WhatsApp users are receiving scam messages from trusted sources, offering free Netflix access for a year if they pass on a link to 10 of their contacts.

Report: WhatsApp began encrypting back-ups to iCloud Drive in late 2016

WhatsApp added another layer of protection for users in late 2016, quietly introducing a new feature that encrypts messages and contacts when uploading this data to Apple's iCloud servers, according to a Forbes report.

Android 'O' will reportedly fix dangerous permissions flaw exposing users to attacks

A flaw in Google Android's security mechanisms reportedly exposes users to ransomware, banking malware and adware attacks, but Google is apparently addressing the issue in its upcoming version of the OS, Android O.

Pickpockets and hackers, the latest cybercrime marriage

A Trend Micro researcher may have stumbled across a new alliance in place between petty criminals and their more sophisticated cyber cousins that could prove mutually beneficial.

FalseGuide malware hits 600K devices via botnet on Google Play

A new strain of malware was detected on Google Play that mobile threat researchers at Check Point dubbed FalseGuide and said was hidden in more than 40 guide apps for games.

Met Police officer buys malware that monitors messages, calls and more

A London police officer has purchased malware for mobile phones and computers that can intercept calls, emails and more.