Mobile Security News, Articles and Updates

FalseGuide malware hits 600K devices via botnet on Google Play

A new strain of malware was detected on Google Play that mobile threat researchers at Check Point dubbed FalseGuide and said was hidden in more than 40 guide apps for games.

Met Police officer buys malware that monitors messages, calls and more

A London police officer has purchased malware for mobile phones and computers that can intercept calls, emails and more.

Fake Super Mario Run App Steals Credit Card Information

Dozens of malicious Android apps claiming to be the mobile game Super Mario Run have been detected by researchers at Trend Micro.

SMSVova spyware downloaded millions of times from Google Play store since 2014

A spyware program disguised as an app that dispenses Android updates was downloaded between 1 and 5 million times before being pulled from Google's official U.S. Play Store, according to researchers at Zscaler.

Updated Microsoft Authenticator simplifies secure log-ins on Android, iOS phones

A new, simplified two-factor verification sign-in feature for phones that eliminates the need for passwords or one-time code entries is now officially available for Microsoft account-holders.

Details on 1.7M Snapchat users allegedly posted in India

Snapchat CEO Evan Spiegel might want to tone down his comments while discussing the target demographic for his app.

FDA warns Abbott on cybersecurity woes with St. Jude heart devices

In addition to a serious battery depletion problem, the FDA said Abbott hadn't incorporated recommendations into its cybersecurity risk assessment plan.

New Android OS blocks some ransomware

Google's latest iteration of its mobile operating system for Android devices, Android O, helps block some ransomware.

App vulnerability could burn Aga oven owners

Aga oven owners could have been left scratching their heads over why their food did not cook properly if not for a researcher at Pen Test Partners.

Miley Cyrus, Rosario Dawson and Suki Waterhouse claimed by Celebgate 2.0

Miley Cyrus, Rosario Dawson and Suki Waterhouse have joined the ranks of Celebgate victims.

Side-channel attack technique steals PINs by analyzing smart device sensor readings

Researchers in the UK have uncovered a technique for malicious websites to spy on smart device owners and even decipher their screen touches and PIN number entries by secretly monitoring their devices' sensor data.

BrickerBot malware attacks and destroys unsecure IoT devices

The security firm Radware has come across two new forms of Denial of Service (DOS) malware that is attacking and bricking Internet of Things devices for as yet unknown reasons.

Chrysaor spyware's live audio recording capability called sophisticated and elaborate

The recently uncovered Chrysaor spyware tool has an amazingly complex and stealthy way to record audio that is able to fly under the user's radar.

Broadcom patches chipset flaws that enable remote code execution on Android and ioS devices

A Google Project Zero researcher has detailed a series of vulnerabilities in Broadcom's Wi-Fi chipsets that could potentially allow remote code execution on Android and iOS devices.

Research links four malware programs to campaign targeting U.S. and Middle Eastern users

A joint research investigation has shed light on a recently discovered malware campaign that aims to infect U.S. and Middle Eastern targets with four distinct families of Windows and Android-based downloaders and information stealers.

Samsung Tizen OS found to contain over 40 zero-day vulnerabilities

Samsung's smart device operating system, Tizen - designed to replace Google's Android OS - is the "worst code" ever seen, says security researcher.

Android ransomware variant hoodwinks AV software by waiting 4 hours before striking

A newly discovered variant of the Android ransomware PornDroid eludes all antivirus programs by waiting four hours before executing its malicious activity as well as by employing heavy amounts of obfuscation.

Banks need to step up tech for mobile users, report

Banks worldwide are at risk of incurring costly consequences to their operations if they don't move away from legacy systems and get in step with digital advancements.

Yu-Gi-Oh fan forum breached, 6.5M email addresses, passwords compromised

A hacker has made off with at least 6.5 million email addresses and poorly hashed passwords from a Yu-Gi-Oh fan project called "Dueling Network."

IoT liability: Legal issues abound

While industry-specific efforts to create some type of cybersecurity framework is helpful, stronger guidelines will be needed, reports Doug Olenick.

70 percent of mobile devices of top networks vulnerable, study

More than 70 percent of mobile devices on five major U.S. carriers are susceptible to breach due to unpatched devices, according to a recent study.

Tacoma fined second time for withholding Stingray data

For the second time this month, the city of Tacoma, Wash. was fined for withholding information concerning its use of Stingray devices.

Nearly a million Minecraft players feel like blockheads after installing fake mod apps

A spate of malicious apps falsely posing as mod programs for the popular world-building game Minecraft were downloaded by users roughly 990,000 times on Google Play before they were reported earlier this month.

Imperva Incapsula warns of rapidly strengthening DDoS attacker capabilities

Incapsula, Imperva's DDoS experts, have said US, UK and Netherlands top attacked countries, drew 74.9 percent of all attacks.

Demi Lovato nudes leaked, scammer targets private citizens for sex shows

A spearphishing scammer demanded a sex show from a private citizen after obtaining the victim's email credentials.