Mobile Security News, Articles and Updates

Bluetooth ache: Protocol's security not sufficiently researched, experts claim after 'BlueBorne' disclosure

The recently disclosed collection of "BlueBorne" vulnerabilities that were found to affect at least 5.3 billion Bluetooth-enabled devices has revealed several inconvenient truths about the short-range communications protocol, experts say.

More BankBot apps sneak into Google store; UAE banks added to malware's targets

The Google Play store once again has been invaded with apps carrying BankBot Android banking malware that uses fake overlay screens to fool banking app users into giving away their credentials.

Microsoft Patch Tuesday: 21 critical updates listed, one zero day fixed

Microsoft's September Patch Tuesday security updates patch a zero-day flaw found in the wild and used to target Russian language speakers and details the BlueBorne vulnerability that could impact five billion Bluetooth devices.

Apple iPhone X swaps Touch ID for 'Face ID' facial recognition unlock

Apple is swapping fingerprint verification for face recognition software in the newly revealed iPhone X, a move the company says is more secure.

FA readies players for inhospitable cyber World Cup cyber environment

British World Cup team members have more to worry about than what happens on the football pitch in host country Russia as the Football Association (FA) is already expressing concerns about hackers going after the team's players and staff.

Apple iOS 11 makes it harder for law enforcement to access data

Apple appears to have not buried the hatchet with law enforcement and is doubling down on its privacy beliefs with the latest iOS 11.

Most Android phones susceptible to the Toast overlay vulnerability

A critical vulnerability in all Android devices running any version except 8.0 that if left unpatched can let hackers steal credentials, lock the device or install unwanted applications has been disclosed.

DJI implements bug bounty program

Drone maker DJI has launched a bug bounty program offering rewards ranging from $100 to $30,000 to those who find, disclose and remediate issues affecting the security of DJI's software.

Researchers unite to quash 'WireX' DDoS botnet composed of Android devices

Security researchers from at least seven major companies collaborated this month to subdue a DDoS botnet composed of compromised Android devices operating in more than 100 different countries.

Report: Uber to discontinue post-ride tracking of app users

Uber Technologies will no longer track its app users' physical locations once a ride ends, Reuters has reported.

New malware and adware spreading through Facebook Messenger

Fake messages on Facebook Messenger found to harbour malware.

Researchers spot build your own malware apps for ransomware

Symantec researchers have spotted mobile malware factories in the wild which allow wannabe malware authors develop custom malware on their own devices without having to write a single line of code.

Researcher spots uptick in WAP-billing Trojan-Clickers

Kaspersky Lab researcher Roman Unuchek spotted an uptick in WAP-billing trojan-clickers from different cybercriminal groups targeting users in Russia and India.

Malicious replacement touchscreens could completely compromise phones, researchers demonstrate

Mobile users who substitute their damaged phone touchscreens or other hardware components with third-party replacements could be infecting their phones with malicious components that could allow attackers to completely compromise the device.

Android Oreo includes new Google Play Protect security feature

Google's Android Oreo includes new security features designed to protect users' devices and data from malicious apps with a host of new security features.

New version of Faketoken Android banking trojan records calls, targets transportation apps

A mobile banking trojan known for using malicious overlays to trick financial app users into giving away their credentials has evolved further to target travel, transportation and traffic ticket payment apps, as well as record phone calls.

Top 10 Security Challenges for 2017

The first half of 2017 has not exactly been a ride in the park for cybersecurity professionals.

Dating apps that collect personal details may attract scammers, researchers warn

Users of online dating apps could end up the target of spear phishing and social engineering scams, especially when these services make one's personal information accessible to virtually anyone, Trend Micro researchers have warned.

SMS touch texting app sends data in cleartext

The popular and inexpensive texting international app SMS touch has been found to send critical data in cleartext making the users susceptible to hackers.

Google patches 10 critical remote code execution flaws in latest Android update

The update also described patches for High and Moderate level vulnerabilities which could allow similar attacks, all of which were contained in the devices' Media Framework, Broadcom, Kernal. MediaTek, and Qualcomm components.

Google patches BroadPwn bug in Chrome OS

Google has released a security update for its Chrome operating system in order to address the critical BroadPwn security bug that can be exploited to remotely control devices.

Svpeng mobile banking trojan now a keylogger

Cybercriminals have updated the functionality of the popular Svpeng mobile banking trojan giving it keylogger capabilities and the ability to access the text input from almost all of a devices apps.

Apple iOS patches Wi-Fi remote memory corruption bug

A researcher spotted an iOS memory corruption vulnerability which could allow an attacker to seize control of a user's device.

CopyCat adware uses Amazon Web Services, APK segmentation to evade detection

The CopyCat adware that infected over 14 million Android devices employs evasion techniques to avoid detection, including the use of Amazon Web Services and the segmentation of malicious APK files.