Mobile Security | SC Media

Mobile Security

Microsoft adds to Edge browser security

Microsoft has made a few security additions to its Edge browser and other applications as part of the company’s branding switch from Office 365 to Microsoft 365 that will take place on April 21. The version of Edge rolling out with Microsoft 365 will contain a new feature called Password Monitor. To work the user…

Privacy in critical care after telehealth demands jump

As coughs and body aches drive anxious Americans to telemed services in record numbers, relieving the burden on medical facilities stressed to breaking with COVID-19 cases, the subsequent relaxation of privacy requirements puts them at risk of PHI compromises, cyberattacks and privacy violations. The shift to online medicine has resulted in the dissemination of a…

Working From Home in the Age of COVID-19

All of us have seen or issued guidance that looks something like this: “We are committed to doing our part to stem the spread of the COVID-19 virus. Consistent with guidance from the World Health Organization, the U.S. Centers for Disease Control and Prevention, and other national and local health authorities regarding efforts to limit…

apple patch

Apple releases more than 30 security patches

Apple released updates across eight product lines with several having more than a dozen issues addressed. Apple does not rate the severity of each vulnerability, but does break them all down for its users. One batch of 13 vulnerabilities was shared across three products, iCloud for Windows versions 10.9.3, 7.18 and iTunes 12.10.5 . Five of…

Spyware disguised as COVID-19 tracker app actually keeps track of users

Another malicious actor has weaponized an otherwise legitimate, interactive coronavirus tracking map created by Johns Hopkins University — this time to deliver Android spyware as part of a campaign that originates out of Libya and seemingly targets individuals within that country. The surveillanceware, known as SpyMax, comes packaged in a trojanized application named “corona live…

Password found to rescue victims of malicious COVID-19 tracker app

Members of the IT and cybersecurity communities have successfully obtained a password key for victims of CovidLock Android ransomware, which comes disguised as an app that supposedly helps track cases of the coronavirus, but actually locks users’ phones and demands a ransom in order to restore access. The unlock token has been verified as 4865083501.…

Coronavirus tracking app locks up Android phones for ransom

A malicious Android app that supposedly helps track cases of the coronavirus actually locks users’ phones and demands a ransom in order to restore access. (Note: a password key has since been published. See follow-up story here.) Dubbed CovidLock, the newly discovered ransomware performs a screen-lock attack by forcing a change in the password required…

Cookie-stealing Android trojan likely used for spam distribution campaign

Who stole the cookie from the cookie jar? It’s Cookiethief, a newly discovered Android trojan that gains root access to devices and exfiltrates browser and Facebook app cookies to a malicious server. Attackers typically use stolen cookies to impersonate victims and access their online accounts in unauthorized fashion. In this instance, researchers believe the culprits…

Google patches Bluetooth vulnerability impacting most Android devices

Google has issued a critical security update for Android that affects the Bluetooth functionality on about two-thirds of all Android devices now in use. The vulnerability, CVE-2020-0022, affects devices running Android Oreo (8.0 and 8.1) and Pie (9.0) and can allow remote code execution without any user interaction. The flaw was found and reported to…

Next post in Vulnerabilities