Mobile Security | SC Media

Mobile Security

Huawei responds to allegations of NSA hacking

Google, Huawei break will likely lead to security issues for users

President Trump’s executive order blocking Huawei’s products from accessing U.S. networks or technology has resulted in Google retracting its Android license from the company, possibly leading to cybersecurity issues for future owners of Huawei devices. Google has confirmed that currently available Huawei devices can still be used and services such as the Google Play Store,…

Boost Mobile breached

Boost Mobile was hit with a breach which affected an unknown number of customer accounts. “Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” the company said in a notification. “The Boost Mobile fraud team discovered the incident and was able…

'KorBanker' steals SMS messages, takes authentication codes in the process

Researcher uncovered passwordless database used for SMS bombing

A researcher uncovered a massive SMS Bombing Operation in a passwordless database that exposed the sensitive information of millions of users. Security researcher Bob Diachenko discovered an open and unprotected MongoDB instance containing a massive amount of data including MD5 hashed emails, first and last names, location data, IP address, phone number, mobile network carrier…

No, VPNs Aren’t Dead — They’re More Essential Than Ever

A few weeks ago, a particular SC Media Executive Insight claimed it’s time to say good-bye to VPNs. Among other things, the writer claimed that application access was more effective, and that zero trust architecture is an essential ‘alternate model’ for access. While I agree with Mr. Sullivan that application access and zero trust architecture…

Google unveils new controls for automatically deleting data after 3 or 18 months

Google on Wednesday announced an upcoming, privacy-friendly feature that will automatically delete user location history and web and app activity data after a specified period of time. The new controls will be rolled out in the coming weeks, Google revealed in a blog post authored by David Monsees, “Search” product manager, and Marlo McGriff, “Maps”…

High-volume eGobbler malvertising campaign exploits zero-day Chrome bug

A malicious actor has been leveraging a Google Chrome browser exploit to deliver malvertisements to iOS users, including a campaign earlier this month during which 500 million user sessions were exposed to a session hijacking attack. Dubbed eGobbler by researchers at Confiant, the threat actor from April 6-10 ran a massive operation consisting of eight…

Three apps claiming to improve Instagram exposed as an insta-scam

A trio of Android applications that supposedly helped Instagram account owners increase likes and followers, boost security and improve the overall user experience were actually stealing their usernames and passwords, Malwarebytes has reported. The apps, which were designed to target users based in Iran, had been available for download via the Google Play store as…

Next post in Security News