Security experts at Symantec detect a new strain of the Android Bankosy malware that steals passwords sent through voice calls generated by 2FA systems. One-time passcodes, a crucial defense for online banking applications, are being intercepted by a malware program for Android, according to new research from Symantec. One-time passcodes (OTPs) in two-factor authentication scheme […]

The IS has developed an Android app dubbed Amaq Agency app demonstrating how powerful modern communications technology can be for a radical group. Which are the communication channels used by members of the ISIS? Which are the messaging services they use? These are the main questions for the Western Intelligence that is attempting to track […]

Experts at FireEye noticed a significant evolution of SlemBunk, a powerful Android Trojan is targeting bank users worldwide. In December security experts at FireEye first spotted the Android banking Trojan SlemBunk, a threat specifically designed to target mobile banking users. The trojan first variants were distributed as copies of legitimate bank apps through third-party websites. The SlemBunk Trojan […]

Apple has fixed a critical vulnerability in its iOS operating system that allowed hackers to impersonate end users. Apple has fixed a serious vulnerability in the iOS operating system that could be exploited by hackers to impersonate users who visit  websites that use unencrypted authentication cookies. The issue resides in the implementation of a cookie […]

Security experts at Core Security’s CoreLabs have discovered a hard-coded password and other vulnerabilities in the Lenovo SHAREit File-Sharing App. Lenovo today has patched several security issues related to the presence of a hard-coded password the file-sharing application Lenovo ShareIT application for Android and Windows that is available for free. The application was designed by […]

It is the joke of these hours,users are sharing a link to crashsafari.com on social media platform that could crash friends’ iPhone and iPad. Do not open any a link to crashsafari.com on your iPhone, iPad or even Macs, visiting the website will cause the Safari application to crash and Apple device to restart. Obviously, […]

It is the joke of these hours,users are sharing a link to crashsafari.com on social media platform that could crash friends’ iPhone and iPad. Do not open any a link to crashsafari.com on your iPhone, iPad or even Macs, visiting the website will cause the Safari application to crash and Apple device to restart. Obviously, […]

Experts at Symantec detected Lockdroid a new piece of Android ransomware capable of locking devices and fully wiping user data via factory resets. A new strain of ransomware called Lockdroid (Android.Lockdroid.E) is threatening Android users. The mobile ransomware has been detected by experts at Symantec, it is able to lock the device, change the PINs, […]

Another embarrassing problem for Apple iOS mobile devices (iPhone and iPad),  setting the date of the devices to January 1st, 1970 will brick them. Don’t Try it! Another embarrassing problem for Apple iOS mobile devices, a software flaw could be exploited to permanently kill your iPhone, iPad or iPod. The issue affects the Apple iOS date and time […]

A new malware dubbed Mazar Bot is threatening Android users and has the ability to gain root access to the mobile device and completely wipe it. A new threat is threatening Android users, its name is Mazar BOT and has the ability to gain root access to the mobile device and completely wipe its storage. Mazar BOT could be used by threat […]

While discussing the San Bernardino shooter’s iPhone, Apple executives said the password changed while it was under the government custody. The discussion about the San Bernardino shooter’s iPhone has monopolized media in this week, a US magistrate ordered Apple to help unlock the mobile device, but the company refused to do so. A new shocking […]

The experts at the IBM X-Force threat intelligence have discovered that the source code for Android malware GM Bot was leaked online. Bad news for the Android community, the experts at IBM X-Force threat intelligence have discovered that the source code for Android malware GM Bot was leaked on an underground. The source code was […]

While Apple is refusing to support the FBI in the case of San Bernardino shooter Snowden says the FBI can use decapping technique to crack iPhones. Over the last days, there is a huge discussion between Apple and FBI in relation to the access to San Bernardino terrorist Syed Farook’s iPhone. FBI demand to hack […]

Apple has begun developing security features for the new iPhone to make it impossible for the law enforcement agencies to break into a locked iPhone The news related to the request made by the FBI to Apple of unlocking the iPhone of Syed Farook, one of the San Bernardino shooters has raised the debate on the efficiency of […]

The federal magistrate Judge James Orenstein has ruled in favor of Apple, rejecting the FBI request to unlock an iPhone. In the last weeks, we have followed the dispute between Apple and FBI regarding the possibility to unlock the iPhone used by one of the San Bernardino shooters. The FBI required Apple to modify the iOS operating system running […]

French Gov is thinking a law that would impose fines of €1 million on Apple and Google if they refused providing access users’data. Governments worldwide continue to intensify their pressure on the IT giants requesting the access to users’ data in the name of security. The US Government wants Apple unlock its mobile devices to access data, the […]

Researchers at Bluebox Security discovered that the badge scanning application used at the RSA Conference 2016 includes a hardcoded default password. This year participants at the 2016 RSA Conference will have an ugly surprise, many vendors were provided with Samsung Galaxy S4 smartphones that run a special Android app, available on the Google Play, that allows them to […]

A group of researchers that analyzed security of a number of smart watches discovered a $17 smartwatch is sold with a backdoor in the pairing app. Be careful of cheap smartwatch offered on the web, security researchers at Mobile Iron have found that the U8 Smartwatch available on eBay for sale is offered with an Android or iOS app […]

The sounds of a 3D printer at work can be analyzed by researchers to reconstruct the original 3D model used to create the object. It isn’t a sci-fi movie but a true experiment conducted by the researchers at the University of California Irvine, led by Mohammad Al Faruque, that demonstrated how to steal 3D-Printed models by copying sounds of […]

A number of bypass vulnerabilities still affect iOS devices and could be exploited by an attacker to bypass the passcode authorization screen. A number of bypass vulnerabilities still affect iOS devices and could be exploited by an attacker to bypass the passcode authorization screen on Apple mobile devices (iPhones and iPads) running iOS 9.0, 9.1, and […]

The South Korean NIS revealed that North Korea had hacked into smartphones belonging to a number of key government officials. The South Korean National Intelligence Service (NIS) revealed that North Korea had hacked into smartphones belonging to a number of key government officials. The announcement was made on Tuesday, according to the NIS cyber spies from  North […]

A large percentage of Android devices is affected by security vulnerabilities that could be exploited by attackers to easily gain a Root Access. According to experts at TrendMicro a large percentage of Android devices in use today is affected by security vulnerabilities that could be exploited by attackers to easily gain a root access. The attack allows an ill-intentioned […]

Kaspersky Lab recently spotted a new Android malware dubbed Triads Trojan, which they say is the most advanced mobile malware seen to date. Malware researchers at Kaspersky Lab have discovered a new strain of malware, dubbed Triada (Backdoor.AndroidOS.Triada), targeting Android devices, which they consider the most advanced mobile threat seen to date.  The range of […]

Two Computer Science researchers developed a technique to hack a phone’s fingerprint sensor in 15 mins with $500 worth of inkjet printer and conductive ink The Computer Science researchers Kai Cao and Anil K Jain have developed a new technique for hacking a mobile device’s fingerprint sensor in 15 mins with $500 worth of an […]

The Russian security tester Timur Yunusov has discovered critical flaw affecting routers and 3G and 4G mobile modems from Huawei, ZTE, Gemtek, and Quanta. The Russian security tester Timur Yunusov has discovered critical vulnerabilities affecting routers and 3G and 4G mobile modems from Huawei, ZTE, Gemtek, and Quanta. The security holes could be exploited by remote attackers […]

AceDeceiver is the first iOS malware that abuses certain design flaws in Apple’s FairPlay DRM to install malicious apps on iOS devices even non-jailbroken. Hackers are exploiting a flaw affecting the Apple digital rights management technology (DRM) to install malicious apps on every iOS device, even non-jailbroken ones. Last month, security experts at Palo Alto Networks […]

AceDeceiver is the first iOS malware that abuses certain design flaws in Apple’s FairPlay DRM to install malicious apps on iOS devices even non-jailbroken. Hackers are exploiting a flaw affecting the Apple digital rights management technology (DRM) to install malicious apps on every iOS device, even non-jailbroken ones. Last month, security experts at Palo Alto Networks […]

Millions of Android devices are open to hacking attacks due to the newly disclosed Android Stagefright Exploit that hack a smartphone in 10 seconds. New problems for Android users, security experts at software research firm NorthBit have developed an exploit for a Stagefright vulnerability affecting Google’s operating system. Millions of Android devices are open to hacking […]

Millions of Android devices are open to hacking attacks due to the newly disclosed Android Stagefright Exploit that hack a smartphone in 10 seconds. New problems for Android users, security experts at software research firm NorthBit have developed an exploit for a Stagefright vulnerability affecting Google’s operating system. Millions of Android devices are open to hacking […]

Chris Vickery has discovered online the database of the Kinoptic iOS app, which was abandoned by developers, with details of over 198,000 users. The security researcher Chris Vickery has discovered a database belonging to an abandoned iOS app, the Kinoptic iOS app, that is exposing on the Internet personal details of over 198,000 users. The Kinoptic iOS app allowed […]

Malware researchers at the Dr Web firm have found an Android malware named Gmobi specifically designed to spread as a software development kit (SDK). Malware researchers at security firm Dr.Web have detected a new strain of malware that was specifically designed to spread as a software development kit (SDK) used by  software developers and mobile device […]

Malware researchers at the Dr Web firm have found an Android malware named Gmobi specifically designed to spread as a software development kit (SDK). Malware researchers at security firm Dr.Web have detected a new strain of malware that was specifically designed to spread as a software development kit (SDK) used by  software developers and mobile device […]

A group of researchers found an iOS zero-day that would let a skilled attacker decrypt photos and videos that were sent as secure instant messages. The bad news is that Matthew Green, a professor at Johns Hopkins University revealed that a zero-day vulnerability in iOS encryption allows skilled attackers to decrypt intercepted iMessages, the good […]

Google released an emergency security patch to fix the local elevation of privilege vulnerability CVE-2015-1805 affecting its OS. Google has released an emergency security patch to fix the local elevation of privilege vulnerability CVE-2015-1805 affecting the kernel of the Android OS of certain devices. The vulnerability is ranked as critical and can be exploited by rooting applications […]

Google released an emergency security patch to fix the local elevation of privilege vulnerability CVE-2015-1805 affecting its OS. Google has released an emergency security patch to fix the local elevation of privilege vulnerability CVE-2015-1805 affecting the kernel of the Android OS of certain devices. The vulnerability is ranked as critical and can be exploited by rooting applications […]

The US authorities announced on Monday they may have found a way to unlock the San Bernardino shooters iPhone without the Apple’s help. The FBI says it may have discovered a method to bypass Apple security measures and unlock access the iPhone used by one of the San Bernardino attackers, and a today scheduled court hearing in the […]

The Israeli Cellebrite firm is helping the Federal Bureau of Investigation (FBI) in unlocking San Bernardino shooters’ iPhone. In the last weeks, we have followed the case of the San Bernardino shooter’s iPhone that a few days ago reached an unexpected conclusion, the FBI announced on Monday to have found a way to unlock the mobile device without […]

Security researchers from the Cheetah Mobile Security Research Lab discovered a severe flaw in the call management application Truecaller. Recently, security researchers from the Cheetah Mobile Security Research Lab discovered a severe loophole in the popular phone call management application Truecaller. This vulnerability allows anyone to steal Truecaller users’ sensitive information, potentially opening doors for […]

The Department of Justice says the FBI has broken into the iPhone used by the San Bernardino shooter, it no longer needs the help of Apple. The US Department of Justice (DoJ) announced it has broken into San Bernardino shooter‘s iPhone and it had accessed encrypted stored on the device. After a long battle between Apple and […]

Paris terrorists used burner phones and US lawmakers have proposed a bill that would force retailers to record the identity of the buyers of these devices. Law enforcement and intelligence agencies worldwide are fighting against terrorist organizations operating in their territories, but investigations are hampered by the use of encrypted communications. After the Paris attacks, intelligence agencies […]

SideStepper is a method to install malicious apps on iOS devices by abusing the mobile device management (MDM) solutions. Security researchers from the Check Point firm have devised a method to install a malicious code on iOS devices by abusing the mobile device management (MDM) solutions used by many enterprises. The technique relies on a vulnerability dubbed by […]

iPhone 6s and 6s Plus running the latest iOS version are plagued by a vulnerability that can be exploited to bypass the lockscreen. Another flaw plagues the new Apple iPhone 6s and 6s Plus, this time the mobile devices are affected by a Lockscreen Bypass vulnerability that could be exploited by local attackers to access […]

Whatsapp now implements end-to-end encryption for all versions of the most popular messaging and voice calling application. Great news for privacy advocates and WhatsApp users, the software now implements end-to-end encryption for all versions of the most popular messaging and voice calling application. On Tuesday, the company announced the significant improvement to its 1 billion users with a blog […]

The FBI Director James Comey confirmed the Agency had purchased a hacking tool to crack the San Bernardino shooter’s iPhone, but … The FBI has found a way to unlock any Apple iPhone, this is the opinion of the majority of security experts. Apple has expressed its concerns about the technique adopted by the Feds to access data […]

Modems in a number of Samsung Galaxy devices are open to receiving AT commands over the USB cable even when they are locked Do you know that modems in a number of Samsung Galaxy devices are open to receiving AT commands over the USB cable even when they are locked? The circumstance is serious if we […]

A couple of security experts demonstrated that iOS date bug was still present in iOS devices and it was exploitable by spoofing an Apple NTP server. Do you remember the Apple iOS date bug? In February, the security community highlighted the existence of the embarrassing problem for Apple iOS mobile devices running 64-bit iOS 8 or higher, […]

A report published by the VICE News confirmed that the Canadian law enforcement obtained the BlackBerry encryption Key under the investigation Op Clemenza. BlackBerry is probably the first mobile vendor that implemented end-to-end encryption to protect communications of its users. Now an embarrassing report published by Vice News revealed that BlackBerry has shared a master Key to […]

According to a research conducted by IBM the healthcare industry was a privileged target of cybercriminals last year, more than 100M Records Compromised. The healthcare industry was the number one target of cybercriminals in 2015, new research indicates. Previously, the banking industry held the top position. In 2015, more than 100 million healthcare records were […]

FBI Director Comey explained at the Aspen Security Forum in London that the Agency paid more than $1.3 million to break into San Bernardino shooter’s iPhone. FBI Director Comey explained at the Aspen Security Forum in London that the Agency paid more than $1.3 million to break into San Bernardino shooter’s iPhone The FBI vs […]

Blue Coat spotted a new ransomware-based campaign serving the Dogspectus malware. Crooks combined a Hacking Team exploit and the Towelroot exploit. Security experts at Blue Coat have spotted a new campaign spreading an Android Ransomware dubbed Dogspectus. The malicious code hijacks mobile advertisements to scam gift cards, it locks the device in a state that allows only […]

A Brazilian judge ordered to block access to the WhatsApp messaging service for 72 hours, it is the second time in five months. Brazilian authorities ordered ISPs to block WhatsApp today in a dispute over access to encrypted data. The order to block the messaging service for 72 hours has been issued by a judge from the […]

Patches for 40 high and medium severity vulnerabilities have been included in Google’s May 2016 security update for the Android operating system. Patches for 40 vulnerabilities have been included in Google’s May 2016 security update for the Android operating system. Many high and medium severity vulnerabilities, in addition to one low severity vulnerability, are patched […]

Mandiant – FireEye has disclosed the details of a serious information disclosure vulnerability affecting one of the Qualcomm software package widely used. Security researchers from the Mandiant firm have discovered a “high severity” vulnerability in the Qualcomm tethering controller (CVE-2016-2060) that could be exploited by a malicious application to access user information. Recently Google released an Android update that addresses […]

White Hackers from Positive Technologies demonstrate how to exploit SS7 protocol to impersonate WhatsApp and Telegram users and act on their behalf. Both WhatsApp and Telegram messaging services have implemented the end-to-end encryption for chats in order to protect the privacy of their users and improve their security. Is it enough to keep prying eyes far from them? No, according to a […]

The Japanese Mobile carrier NTT Docomo announced that its mobile devices will allow authorities to covertly track the locations of the users. The Japanese Mobile carrier NTT Docomo announced that five of its new smartphone models will allow authorities to track the locations without users being aware of it. Today, users are alerted when the […]

The popular security expert John McAfee and a team of four hackers demonstrated that is is possible to read WhatsApp message. The cybersecurity expert John McAfee and four hackers demonstrated that is is possible to read a WhatsApp message even if it is encrypted. The hacker crew used their servers located in a remote section […]

Daniel Kaufman announced that Google is planning to make password identifications outmoded by 2017 and replace them with trust scores. Google wants to replace traditional passwords on Android with “trust scores,”  and it is planning to do it by 2017. The announcement was officialized at the Google I/O conference, the IT giant intends to use Google’s Trust API technology developed by […]

The security expert Chilik Tamir from Mi3 Security has devised a new attack dubbed SandJacking to install rogue apps on iOS devices. The security expert Chilik Tamir from Mi3 Security has devised some new attack methods that can be exploited by threat actors to install malicious apps on non-jailbroken iOS devices. Tamir presented his attack methods at […]

Malware researchers are warning Android’s latest permission-granting model in version 6.0 Marshmallow is now been targeted by Mobile malware authors. Android’s latest permission-granting model in version 6.0 Marshmallow is now been targeted by Mobile malware authors. The model  will let users grant permissions only when it is required by the app, rather be accepting all […]

Israeli company Ability Unlimited Interception System (ULIN) promises unlimited surveillance capabilities on any cell phone on the planet. Israeli-based company Ability is planning a big marketing push aimed at law enforcement in the United States.  Ability Unlimited Interception System (ULIN) promises unlimited surveillance capabilities of revealing the location, calls, and texts of any cell phone […]

Experts from Kaspersky Lab have conducted an experiment to demonstrate the risks for charging mobile devices with untrusted USB charging points and PCs. A simple operation like charging mobile Smartphone could expose users at serious risks. It is not a novelty, mobile devices could be hacked while owners are charging them by using a standard […]

This week it was discovered that the Tesco Android Bank app won’t run with the Orbot privacy tool installed on the user’s mobile device. I always highlighted the importance of censorship and internet monitoring, architectures like the Tor network are much more than evil tools in the hands of crooks, but probably someone has a different opinion. Tesco Bank […]

Researchers at MalwareBytes have spotted a new Android Malware dubbed Pawost that uses Google Talk to make unwanted phone calls. Security experts from MalwareBytes have spotted a new strain of Android malware, dubbed Android/Trojan.Pawost, that implements an unusual feature. The Pawost threat originates from China and is able to use Google Talk to make malicious phone […]

Location services could very useful to find lost devices, but do not do anything silly to find your stolen smartphone, it could be very risky. People underestimate the risk related to the use of technology, a simple post on a social network or a harmless SMS could cause serious problems. Today I desire to share […]

Apple confirms iOS 10 kernel code left unencrypted intentionally to improve OS performance and ensures that it will have no impact on security. The news is intriguing, while Apple announced the new release of its mobile operating system, the iOS 10, the experts discovered that its kernel is unencrypted. The researchers from MIT Technology who reviewed […]

Experts from Cheetah Mobile firm revealed that the Hummer Android malware has already infected millions of smartphones worldwide. Security experts from the Cheetah Mobile firm are monitoring an Android malware dubbed Hummer since August 2014. The researchers noticed a significant increase in the number of infections in 2016, with a daily average of 1.4 million […]

The Android full-disk encryption can be easily cracked with a brute force attack, hundreds of millions of Android mobile are at risk. Bad news for Android users that want to protect their data by enabling full-disk encryption (FDE) on their mobile devices. The Android full-disk encryption can be easily cracked with a brute force attack, […]

Chinese Ad company Yingmob ’s developers are allegedly responsible for the infection of approximately 10 million Android devices. Chinese Ad company Yingmob’s developers are allegedly responsible for the infection of approximately 10 million Android devices which is reportedly generating an income of around $300,000 USD per month. CheckPoint, the security company famous for their network […]

A group of researchers has devised a new method for hacking mobile devices by using hidden voice commands in YouTube videos. A group of researchers from the University of California, Berkeley, and Georgetown University has devised a method for hacking mobile devices by using hidden voice commands embedded in YouTube videos. In order to hack […]

ProofPoint have found in the wild a backdoored version of the popular Pokemon GO Android App that could allow attackers to gain control over victim’s device The gamers are going crazy for the last Nintendo game Pokemon GO which uses augmented reality , the mobile app is used by players to walk around and collect […]

A number of iOS devices are being held ransom by the Russian “Oleg Pliss” who is demanding a payment of $100 to unlock the device. Basically the hijack is being done using stolen iCloud passwords and the “locate device” feature to lock the device and display a message to the affected user. Now how the passwords […]

Millions of Xiaomi smartphone are affected by a critical remote code execution flaw that could be exploited by hackers to take over the mobile devices. Millions of Xiaomi mobile are vulnerable to remote hacking due to a critical remote code execution (RCE) vulnerability that could be exploited by hackers to take over the mobile devices. The […]

Security researchers from Symantec have discovered a new variant of the Android.Fakebank.B banking trojan that prevents users from calling banks. Security experts from Symantec have spotted a new strain of mobile Trojan dubbed Android.Fakebank.B that prevents users from making outgoing calls to banks from their mobile devices. Android.Fakebank.B was first spotted in October 2013, it was able to […]

The US federal authorities asked a 3D printing lab to recreate a dead man’s fingers to unlock his smartphone … will it work? Do you remember the battle Apple vs FBI conducted to force the IT giant on unlocking the San Bernardino Shooter’s iPhone, well it has become a story of the past. The federal authorities […]

The NSA whistleblower Edward Snowden and the popular hacker Andrew “Bunnie” Huang designed Introspection Engine, an interesting anti-surveillance device. While the number of mobile devices is outclassing the number of desktop ones, the concern about the surveillance activities conducted by governments is growing as never before also thanks the Snowden revelations. Mobile devices, often unprotected, […]

Palo Alto Networks recently discovered a Remote Access Trojan dubbed SpyNote that is free available allowing anyone to launch attacks in the wild. I love when the sale happens in malls. People just rush and want to get good things for cheap prices. And who doesn’t love something free? The spyware and malware market is highly lucrative when […]

WhatsApp doesn’t properly erase your deleted messages, researcher reveals Are you using WhatsApp? There is an interesting news for you, the popular instant messaging app doesn’t properly erase the user’s deleted messages. The issue was reported by the popular iOS security researcher Jonathan Zdziarski who is warning about the risks for the users’ privacy. The flaw […]

Hackers accessed Telegram accounts in Iran, a security duo investigated the security breach and will present its findings at the Black Hat Conference. 15 million Iranian Telegram accounts have been compromised, users have reportedly had their personal information exposed (phone number, Telegram ID). The security researchers Collin Anderson and Claudio Guarnieri have investigated the case, more […]

Experts from Checkpoint have found four major vulnerabilities dubbed Quadrooter in Qualcomm chips that expose more than 900M Android users to hack. Security experts from the security firm Checkpoint have found four major vulnerabilities, dubbed Quadrooter, in the firmware running on the in the Qualcomm chips that equip modern Android devices. The Quadrooter flaws could be […]

Experts from Lookout revealed that all Android versions running the Linux Kernel 3.6 to the latest are affected by the CVE-2016-569 Linux flaw. Recently I wrote about a severe vulnerability (CVE-2016-5696) affecting the Linux version 3.6, deployed in 2012. The flaw was discovered by researchers from the University of California, Riverside, and the U.S. Army […]

Security experts from Kaspersky spotted a malware-based campaign that abused the Google Adsense Advertising network to spread a malicious code. Mobile malware is becoming an even more insidious threat, security experts are observing a rapid diffusion of spyware that is able to steal sensitive data from victim’s mobile devices. Very common are also malware that impersonates […]

Apple issued emergency iOS updates to patch three Zero-Days exploited by a government spyware in an high-sophisticated attack. Apple has released the iOS 9.3.5 update for its mobile devices (iPhones and iPads). The security updates address three zero-day vulnerabilities exploited by nation-state actors to spy on activists. Security experts have spotted a strain of spyware targeting […]

In the aftermath of the DNC hack the staffers were instructed in the use of the popular instant messaging Signal app, also called the “Snowden-approved” app. The need of privacy is pushing the IT industry in developing secure messaging systems that implement end-to-end encrypted to protect users from prying eyes. Signal is probably the most popular app […]

Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers linked it to the NSO group. Its name is the Trident: a chain of zero-day exploits that aim to infect iPhone with commercial spyware. Researchers say it’s belonging to an exploit infrastructure connected to the NSO […]

The NSO Group is one of the surveillance companies that allow their clients to spy on their targets through almost any smartphone. It is quite easy for any Government to spy on mobile users, recently we have discussed the Trident vulnerabilities that were exploited by a surveillance software developed by the NSO Group to deliver the Pegasus […]

The CVE-2016-3862 flaw is a remote code execution vulnerability that affects the way images used by certain Android apps parsed the Exif data. Are you an Android user? I have a bad news for you, an apparently harmless image on social media or messaging app could compromise your mobile device. The last security updates issued by […]

A Dutch Computer Science student discovered the presence of a backdoor that could allow an attacker to silently install any app on Xiaomi phones. A Dutch Computer Science student, Thijs Broenink, who analyzed his Xiaomi mobile device discovered the presence of a backdoor that could allow an attacker to silently install any app on the phone. The […]

The security duo Markus Vervier and Jean-Philippe Aumasson have discovered multiple flaws in the Android version the popular Signal app. The security researchers Markus Vervier and Jean-Philippe Aumasson have discovered multiple vulnerabilities in the Android version of the secure messaging application Signal that can be exploited by a remote attacker to alter attachments and cause […]

Google has removed from the Google Play store four apps trojanized with the Overseer malware to target overseas travelers seeking embassy information. Google has removed from the official Google Play store four trojanized apps that targeted overseas travelers seeking embassy information and news for specific European countries. Three apps were named “Embassy”, “European News”, “Russian […]

The popular hacker Luca Todesco (aka @qwertyoruiopz) has announced the existence of the iPhone 7 jailbreak for devices running iOS 10. Only a few hours, this is the time spent by the popular hacker Luca Todesco (aka @qwertyoruiopz) to jailbreak the new and secure iPhone 7. The iPhone 7 was launched by Apple a few days ago and of […]

Experts from Elcomsoft discovered a new vector of attack to access password-protected local backups produced by iOS 10 devices. According to security experts from the computer forensics company Elcomsoft, Apple has weakened the backup security protection of its recently-issued iOS 10 skipping certain security checks. This means that hackers could easily crack password protection used […]

In what could be another serious celebrity hack, 3,000 photos have been stolen from Pippa Middleton ’s account and they are being offered for sale. The UK Police is investigating the Pippa Middleton iCloud hack and consequent theft of private photos. According to The Sun newspaper the stolen photos were offered for sale, it seems that someone had […]

Every time you type a number to start an iMessage conversation on your iPhone, Apple logs your message contacts and other metadata. In January 2015, experts claimed that Apple is not able to read messages sent between devices through iMessages, but reported that the company but it is still able to access data in the backups. […]

The Israeli surveillance firm Wintego is offering for sale the system called CatchApp that is able to hack WhatsApp encrypted communications. The Israeli surveillance firm Wintego is offering for sale a system that is able to hack WhatsApp encrypted communications from mobile devices within close proximity of a hidden Wi-Fi hacking device in a backpack. The news has been […]

The WiFox mobile app was designed as a huge container of network names and passwords for Wi-Fi airports networks worldwide. Do you travel a lot? Probably you have already read about WiFox, it is a legitimate Android/iOS mobile app that includes indications of thousands of airport Wi-Fi networks and their passwords. We have spoken several times about the […]

The WiFox mobile app was designed as a huge container of network names and passwords for Wi-Fi airports networks worldwide. Do you travel a lot? Probably you have already read about WiFox, it is a legitimate Android/iOS mobile app that includes indications of thousands of airport Wi-Fi networks and their passwords. We have spoken several times about the […]

Experts discovered a new variant of the Android Acecard banking trojan that asks victims to take a selfie while they are holding an ID card. The inventiveness of the criminals is a never ending pit. Recently, a number of organizations announced a new authentication method based on the selfies. For example, HSBC customers can open […]

Even if you have an iPhone 6S protected by a 6 digits password plus the touch ID fingerprint it is possible to unlock it. 1. Introduction You have an iPhone 6S protected by a 6 digits password plus the touch ID fingerprint and you may think that nobody can unlock it without the code, right? […]

A new method of attack dubbed DRAMMER could be exploited to gain ‘root’ access to millions of Android smartphones and take control of affected devices. Earlier last year, security researchers from Google’s Project Zero outlined a way to hijack the computers running Linux by abusing a design flaw in the memory and gaining higher kernel privileges on the system. […]

Viewing a maliciously crafted JPEG may lead to arbitrary code execution, a boobytrapped JPEG could compromise your iPhone. Upgrade to iOS 10.1 Even a simple action such as looking a JPEG image or opening a PDF document could cause serious problems, an attacker, in fact, could hijack your Apple mobile device (iPhone, iPad, and iPod). Yes, it’s correct! […]

The firmware used by the Israeli mobile forensic firm Cellebrite was leaked online by one of its resellers, the McSira Professional Solutions. Do you know Cellebrite? It is an Israeli firm that designs digital forensics tools that are used by law enforcement and intelligence agencies to examine mobile devices in investigations. It became famous when […]

Tencent Team Keen won $215k at PWN2OWN Mobile by hacking Nexus 6p and using two exploits for the iPhone iOS 10.1 … all in just 5 minutes each round. Yesterday I was writing about the possibility to hack an Apple device just by opening an image or a PDF, today I desire to inform you […]

Security researchers demonstrated that a Wrong oAuth 2.0 implementation allows a remote simple hack that exposes more than 1 Billion Android App Accounts. A remote simple hack devised by a group of security researchers threatens an amazing number of Android and iOS apps. An attacker can use the technique to sign into any victim’s mobile […]

Belkin’s WeMo home automation firmware that’s in use in several IoT devices has recently been found vulnerable to an SQL injection. Belkin’s WeMo home automation firmware that’s in use in its light bulbs, switches, security cameras, coffee makers and room heaters has recently been found vulnerable to an SQL injection. The hack allows root privileges […]

A group of researchers from Nokia Bell Labs and Aalto University in Finland demonstrated how to hack protocols used in the LTE networks. We discussed several times the rule of the SS7 signaling protocol in mobile communications and how to exploit its flaws to track users. When mobile users travel between countries, their mobile devices connect to the infrastructure of a […]

Kaspersky discovered a new strain of the Svpeng Trojan delivered through popular news websites using Google’s AdSense via a zero-day in Chrome. Crooks exploited a Chrome Zero-Day vulnerability to deliver the Android Svpeng Trojan to Android users via Google AdSense. The Svpeng Trojan is not a new threat, it was first spotted by Kaspersky Lab in July 2013 when threat […]

Experts at Kryptowire discovered a mobile phone firmware that transmitted personally identifiable information without user consent due to a backdoor. Security experts from Kryptowire firm have discovered a backdoor in the firmware installed on low-cost Android phones. The backdoor affects mobile phones from BLU Products that are available for sale on both Amazon and Best Buy. […]

A new flaw allows to bypass the iPhone Passcode protection, even when Touch ID is properly configured, and access photos and messages stored on the device. The use passcode for the protection of users’ data on iPhone Smartphone doesn’t protect users from the possibility that local ill-intentioned will access their data. A new flaw allows […]

According to Elcomsoft, iPhone and iPad automatically send call history to Apple when iCloud is enabled, the company stores the data for up to four months. According to the digital forensics firm Elcomsoft, Apple mobile devices automatically send call history to the company when the iCloud is enabled, it also stores the data for up […]

For the second time in a few days, security experts spotted a backdoor in the firmware of low-cost Android devices. Last week, security experts from Kryptowire firm have discovered a backdoor in the firmware installed on low-cost Android phones. The backdoor affects mobile phones from BLU Products that are available for sale on both Amazon and Best Buy. The […]

It has happened again, most of the Apple devices crashes when the owner plays this iPhone-freezing video. Be careful when clicking on suspicious links. A new bug  in iPhone is threatening Apple users, most of the Apple devices crashes when the owner plays a video. An iPhone-freezing video is circulating online, when users play it in […]

Experts from the security firm CheckPoint discovered a new Android malware dubbed Gooligan that has already compromised more than a million Google Accounts. Another malware, dubbed Gooligan, is threatening Android users. The Android malware has already compromised more than 1 Million Google accounts. The Gooligan Android malware roots vulnerable Android devices in the attempt of stealing email addresses and authentication […]

Researchers discovered a bug that can be exploited to bypass Apple’s Activation Lock feature and gain access to the homescreen of locked Apple devices. Security experts have discovered a new bug that could be exploited to bypass Activation Lock feature on Apple devices (iPhone, iPad). The bug could allow gaining access to the homescreen of a […]

At least 10 million Android users are exposed to cyber attacks due to multiple vulnerabilities affecting the popular AirDroid app. According to experts from the firm Zimperium, multiple vulnerabilities in the Android remote management tool AirDroid could expose more than 50 million devices The flaws could be exploited to abuse built-in features and use them against […]

The last update for the Uber app raises great concerns because it asks to track users’ location even when they’ve been dropped off and exited the program. The last update of the Uber App allows it to track the passengers’ locations even when they have been dropped off and the application is running in the […]

Experts from Doctor Web spotted new Trojans into the firmware of several dozens of low-cost Android smartphones and tablets. Again problems with low-cost Android smartphones and tablets, once again experts discovered certain mobile devices shipped with malicious firmware. According to malware researchers from antivirus firm Dr.Web, the firmware of a large number of popular Android devices […]

The Russian APT group Fancy Bear used a malware implant on Android devices to track and target Ukrainian artillery units from late 2014 through 2016. The popular hacking group, known as Fancy Bear, APT 28, Pawn Storm, Sednit or Sofacy, is once again in the headlines. Experts from the cyber security firm CrowdStrike reported the alleged Russian nation-state actor used malware implant […]

The latest update of Signal introduces the ‘domain fronting’ technique that has been implemented to circumvent censorship. Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony: “Use anything by Open Whisper Systems” Snowden says. The Cryptographer and Professor at Johns Hopkins […]

The Russian and Turkish authorities asked Apple to unlock iPhone belonging to the assassin of Russian Ambassador Andrei Karlov. The Russia’s ambassador to Turkey, Andrei Karlov, was killed on Monday during an exhibition in Ankara. The killer is a lone Turkish gunman that shouted “God is great!” and “don’t forget Aleppo, don’t forget Syria!” The shooter was killed […]

The most popular custom Android ROM, the Cyanogen OS, Announced That it is closing its services starting from December 31, 2016. Bad news for users of the most popular custom Android ROM, the Cyanogen OS, that is now closing its services. Cyanogen was launched with the intent to provide an improved version of the Google Android operating […]

Security experts from Kaspersky Lab have spotted a new Android Trojan, dubbed Switcher, that targets routers in order to change their DNS settings. Malware researchers at Kaspersky Lab have spotted a new Android Trojan, dubbed Switcher, that targets routers and changes their DNS settings in order to redirect traffic to malicious websites. The Switcher Trojan has been […]

A researcher discovered that a single text message could be exploited to crash the Messages app by MMS on iOS due to a recently discovered bug A single text message could be exploited to disable the Messages app on any iPhone due to a recently discovered bug. The bug flaw makes the Apple Message app inoperable, making it […]

Zscaler experts have found in the wild a fake version of the Super Mario Run Android App that could install the Android Marcher banking trojan. Bad news for mobile gamers, security experts at Zscaler have spotted a strain of the Android Marcher Trojan masqueraded as the recently released Super Mario Run mobile game for Apple’s iOS. Marcher is a sophisticated banking […]

My friends at CyberBlog decided to analyze the GM Bot Android Malware as exercise aiming to receive feedback sand suggestions from the security community. The sample explored is confirmed as a variant of the GM Bot Android malware – who’s source was released publicly in early 2016. The code appears to have been forked by a second […]

A simple sequence of three character-long text message containing Emoji can cause the block and the reboot os iPhones and iPads running iOS 10.1 or below. A new Apple’s iOS bug was discovered in the community of mobile tech experts, it can be exploited to crash iPhone or iPad devices by just sending an Emoji […]

According to the Russian forensic firm Elcomsoft the Apple iCloud saved deleted Safari browsing history over the years open the door to surveillance. According to digital forensics firm Elcomsof, Apple iCloud maintained deleted internet Safari browsing history over the years. The experts at Elcomsof discovered the issue while trying to extract records from iCloud accounts, they were able to retrieve supposedly deleted Safari browser […]

According to the Russian forensic firm Elcomsoft the Apple iCloud saved deleted Safari browsing history over the years open the door to surveillance. According to digital forensics firm Elcomsof, Apple iCloud maintained deleted internet Safari browsing history over the years. The experts at Elcomsof discovered the issue while trying to extract records from iCloud accounts, they were able to retrieve supposedly deleted Safari browser […]

Signal, the most secure instant messaging app, introduced the Video call feature in public beta release. You can test is now! Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony: “Use anything by Open Whisper Systemsâ€� Snowden says. The Cryptographer and […]

Signal, the most secure instant messaging app, introduced the Video call feature in public beta release. You can test is now! Signal is considered the most secure instant messaging app, searching for it on the Internet it is possible to read the Edward Snowden’ testimony: “Use anything by Open Whisper Systemsâ€� Snowden says. The Cryptographer and […]

Experts at Kaspersky Lab have analyzed several Android car apps and discovered that most of them lack proper security features to protect vehicles. Security researchers from antivirus vendor Kaspersky Lab have analyzed seven of the most popular Android apps that allow to remotely control millions of modern cars. The experts discovered that the Android apps, whose name […]

Experts at Kaspersky Lab have analyzed several Android car apps and discovered that most of them lack proper security features to protect vehicles. Security researchers from antivirus vendor Kaspersky Lab have analyzed seven of the most popular Android apps that allow to remotely control millions of modern cars. The experts discovered that the Android apps, whose name […]

The new UK Prisons and Courts Bill will let mobile networks to deploy IMSI catchers outside of prisons to snoop on mobile phone users. The Prisons and Courts Bill, introduced to Parliament last week, will let mobile networks to deploy IMSI catchers outside of prisons to snoop on mobile phone users. The IMSI catchers are surveillance equipment […]

A single picture could have been used by attackers to hack the popular secure messaging applications WhatsApp and Telegram. Security experts from Checkpoint have discovered a vulnerability that was present in both messaging services. The hack only affected the browser-based versions of both WhatsApp and Telegram. The flaw affected the way both apps process images and multimedia […]

Privacy Guard is an Android app that evaluates the risks of data privacy relying on the permissions requested by the apps installed on a device. Mobile devices collect a large volume of personal information that could be used for malicious purposes by adversaries. In order to increase the awareness of user towards the possibility of […]

Chinese scammers are deploying rogue cellphone towers to spread the Android Swearing Trojan via malicious URL in SMS messages. Chinese scammers are deploying fake mobile base stations to spread the Android Swearing Trojan in text messages. The attackers have improved the well-known Smishing attack using rogue cell phone towers as the attack vector and distribute the Android […]

Chinese scammers are deploying rogue cellphone towers to spread the Android Swearing Trojan via malicious URL in SMS messages. Chinese scammers are deploying fake mobile base stations to spread the Android Swearing Trojan in text messages. The attackers have improved the well-known Smishing attack using rogue cell phone towers as the attack vector and distribute the Android […]

A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system the fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency patch update […]

A critical flaw could be exploited by attackers within range to “execute arbitrary code on the Wi-Fi chip,” download and install last iOS 10.3.1 version. Last week, Apple released iOS 10.3, an important release of the popular operating system the fixed more than 100 bugs and implements security improvements. Apple opted to push an emergency patch update […]

Apple fixed a vulnerability tracked as CVE-2017-2387 in the Apple Music for Android that could allow attackers to launch MitM attacks on the application. The update released Apple for the Apple Music application for Android fixes a certificate validation issue that can be exploited by an attacker to run MitM attacks and intercept user data. […]

Apple fixed a vulnerability tracked as CVE-2017-2387 in the Apple Music for Android that could allow attackers to launch MitM attacks on the application. The update released Apple for the Apple Music application for Android fixes a certificate validation issue that can be exploited by an attacker to run MitM attacks and intercept user data. […]

A group of researchers has demonstrated that attackers can steal PINs and Passwords capturing data from smartphone sensors. Modern mobile devices are full of sensors (i.e. GPS, Camera, microphone, accelerometer, magnetometer, proximity, gyroscope, pedometer, and NFC) that could be exploited by hackers to gather data about owner’s activities? A group of researchers from Newcastle University demonstrated that […]

Millions of users looking to get software updates have downloaded an app hiding a spyware called SMSVova through the official Google Play store. Bad news for millions of Android users looking to get software updates, they have been tricked into downloading a spyware called SMSVova through the official Google Play store. Experts at Zscaler discovered […]

Millions of users looking to get software updates have downloaded an app hiding a spyware called SMSVova through the official Google Play store. Bad news for millions of Android users looking to get software updates, they have been tricked into downloading a spyware called SMSVova through the official Google Play store. Experts at Zscaler discovered […]

The company O2-Telefonica in Germany has confirmed to Süddeutsche Zeitung agency that some of its customers suffered cyber heists exploiting the SS7 flaws. Security experts have been warning for years about security vulnerabilities affecting the SS7 protocol widely adopted in mobile communications. SS7, aka Signalling System No. 7, is a set of protocols used in telecommunications ever since the […]

Google is rolling out a new protection system called Google Play Protect, it is a machine-learning system to protect Android users. Good news for Android users, Google has introduced another security defense system, called Google Play Protect, to protect the devices running its mobile OS. Google already uses several security measures to protect the smartphone, such as […]

Hackers demonstrated that it is very easy to bypass the Samsung S8 iris scanner by using a camera, a printer, and a contact lens. Security experts have once against bypassed mobile Biometric system installed on a mobile device, the Samsung S8 model. Hackers used a camera, a printer and a contact lens to bypass the […]

Experts found a new malware, dubbed Judy malware, in the Play Store, it is designed to infect Android devices and generate false clicks on advertisements. Google is suffering once again from malicious software applications found inside popular apps available on Play store. The new malware – code named “Judy” – is designed to infect Android […]

Researchers at Check Point spotted a new family of Android malware dubbed CopyCat that infected 14 million devices and rooted 8 million of them. Researchers at Check Point’s Mobile Research Team have spotted a new family of Android malware that infected 14 million devices and rooted 8 million of them. According to the expert, the […]

The GhostCtrl backdoor, is an OmniRAT-Based Android malware that can spy on victims, steal data and take over Windows System using the RETADUP infostealer. Today’s smartphones are as powerful as the computers of only a few years ago. Unfortunately, that also means that Android phones have as many instances of malware as desktop and laptop […]

IntelliAV is a practical intelligent anti-malware solution for Android devices based on the open-source and multi-platform TensorFlow library. Android is targeted the most by malware coders as the number of Android users is increasing. Although there are many Android anti-malware solutions available in the market, almost all of them are based on malware signatures, and more advanced solutions based on […]

Malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones. Another case of pre-installed malware make the headlines, malware researchers at the Russian anti-virus firm Dr.Web have spotted the Triada Trojan in the firmware of several low-cost Android smartphones, including Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu […]

Kaspersky discovered a news strain of the mobile banking Trojan Faketoken that displays overlays on top of taxi booking apps to steal banking information. Security experts from Kaspersky have discovered a news strain of the infamous mobile banking trojan Faketoken that implements capabilities to detect and record an infected device’s calls and display overlays on top […]

Researchers at Symantec have discovered Trojan Development Kits that allow creating Android ransomware without the need to write code. Ransomware continues to represent a serious threat to users and organizations. Unfortunately, it is easy for crooks arranging their own ransomware campaign by using numerous RaaS services offered online. Recently researchers at Symantec discovered a new […]

Zimperium Researcher Adam Donenfeld released an iOS Kernel Exploit PoC that can be used to gain full control of iOS mobile devices. Researcher Adam Donenfeld of mobile security firm Zimperium published a Proof-of-concept (PoC) for recently patched iOS vulnerabilities that can be chained to gain full control of iOS mobile devices. The expert called the PoC […]

According to a report published by The Intercept, the popular Sarahah app silently uploads users’ phone contacts to the company’s servers. This summer, Sarahah became one of the most popular iPhone apps in the world for both iOS and Android. Sarahah has been created by Saudi Arabian developer Zain al-Abidin Tawfiq, it implements a social network […]

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with […]

Google removed almost 300 Android apps from the official Play Store after expert at ESET reported they were abused for a DDoS attack. This week Google has removed at least 300 apps from the Official Play Store after learning that apps were being hijacked to power DDoS attacks. “We identified approximately 300 apps associated with […]

Google just fixed a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the Toast Overlay attacks. Security researchers with Palo Alto Networks Unit 42, warned of a high-severity Android vulnerability, tracked as CVE-2017-0752, that ties with the “toast attackâ€� overlay vulnerability. The experts reported that it is possible to abuse Android’s toast notification, a feature […]

Google disclosed details and a proof-of-concept exploit for iPhone Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. This week Google disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability affecting Broadcom chipsets in iOS 10 and earlier. The flaw that was patched this week could be exploited by attackers to […]

Mobile security firm Appthority published an interesting report that revealed which Android and iOS applications are most frequently blacklisted by enterprises. The company Appthority has published an interesting report that reveals which mobile apps, both Android and iOS, are most frequently blacklisted by enterprises. “The mobile ecosystem in an enterprise comprises apps from managed devices, BYOD and COPE. Appthority compiled […]

Google has launched Google Play Security Reward, the bug bounty program that will pay $1,000 rewards for flaws in popular apps. Google has officially launched a bug bounty program for Android apps on Google Play Store, a measure that aims to improve the security of Android apps. The initiative, called Google Play Security Reward, will involve the […]

A group of researchers hacked Apple iPhone X Face ID facial recognition technology by using a 3D-Printed Mask that costs less than $150. On November 3, Apple released its new iPhone X and a few days later a group of researchers from Vietnamese cybersecurity firm Bkav has claimed to have hacked Apple’s Face ID facial recognition technology by using […]

Google has expanded enforcement of Google’s Unwanted Software Policy waring Android developers to explicitly declare data collection behaviors. A few days ago, Google was caught collecting users’ location data even when location services were disabled, many privacy experts questioned the behavior of the tech giant. Google promptly admitted the practice and suspended it. Now Google made another move to […]

Security experts discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. A group of security researchers has discovered a critical vulnerability in major mobile banking applications that left banking credentials vulnerable to hackers. The vulnerability was discovered by researchers of the Security and Privacy Group at the University […]

The Indian Intelligence warns China is spying its troops through 42 mobile apps, for this reason, the Intelligence Bureau asked soldiers to delete them. The Indian Intelligence Bureau (IB) has warned that Chinese cyber spies are collecting confidential information about the Indian security installations through its popular mobile phone apps and devices. The Intelligence Bureau issued an advisory to the […]

Google fixed a bug dubbed Janus that could be exploited by attackers to inject malicious code into Android apps without affecting an app’s signature. Google fixed four dozen vulnerabilities this week, including a bug dubbed Janus that could be exploited by attackers to inject malicious code into Android apps without affecting an app’s signature verification certificates. Millions of Android […]

Google has awarded a record $112,500 to a security researcher for reporting an exploit chain that could be used to hack Pixel smartphones. Last week the Google disclosed the technical details of the exploit chain that was devised in August 2017 by the Guang Gong from Alpha Team at Qihoo 360 Technology. The exploit chain triggers two […]

According to a researcher from security firm Predeo, three Sonic apps in the Google Play published by SEGA leak users’ data to uncertified servers. According to a researcher from security firm Predeo, some game applications in the Google Play published by SEGA leak users’ data to uncertified servers. The Android apps are Sonic Dash,  Sonic the Hedgehog Classic, and Sonic […]

According to a researcher from security firm Predeo, three Sonic apps in the Google Play published by SEGA leak users’ data to uncertified servers. According to a researcher from security firm Predeo, some game applications in the Google Play published by SEGA leak users’ data to uncertified servers. The Android apps are Sonic Dash,  Sonic the Hedgehog Classic, and Sonic […]

Experts at security firm Checkmarx discovered two security vulnerabilities in the Tinder mobile apps that could be exploited to spy on users. Security experts at Checkmarx discovered two security vulnerabilities in the Tinder Android and iOS dating applications that could be exploited by an attacker on the same wi-fi network as a target to spy […]

Experts at security firm Checkmarx discovered two security vulnerabilities in the Tinder mobile apps that could be exploited to spy on users. Security experts at Checkmarx discovered two security vulnerabilities in the Tinder Android and iOS dating applications that could be exploited by an attacker on the same wi-fi network as a target to spy […]

Security researchers at Qihoo 360’s Netlab have spotted a new Android mining botnet that targets devices with ADB interface open. Security researchers at Qihoo 360’s Netlab have spotted a new Android mining botnet over the weekend. The malicious code ADB.Miner targets Android devices by scanning for open ADB debugging interface (port 5555) and infects them with a Monero […]

Security researchers from Trend Micro detected a new variant of the popular AndroRAT Android RAT in the criminal ecosystem. Security experts from Trend Micro reported the availability of a new variant of the popular AndroRAT. The malware was first born in 2012 as a university project, designed as an open-source client/server application to offer remote […]

Security researchers from Trend Micro detected a new variant of the popular AndroRAT Android RAT in the criminal ecosystem. Security experts from Trend Micro reported the availability of a new variant of the popular AndroRAT. The malware was first born in 2012 as a university project, designed as an open-source client/server application to offer remote […]

Android Security Bulletin for February 2018 – Google has fixed tens of vulnerabilities for Android OS, including several critical remote code execution (RCE) flaws. The Android Security Bulletin for February 2018 addresses 26 vulnerabilities in the mobile operating system, most of which are elevation of privilege flaws. The 2018-02-01 security patch level fixed 7 vulnerabilities, 6 in […]

Android Security Bulletin for February 2018 – Google has fixed tens of vulnerabilities for Android OS, including several critical remote code execution (RCE) flaws. The Android Security Bulletin for February 2018 addresses 26 vulnerabilities in the mobile operating system, most of which are elevation of privilege flaws. The 2018-02-01 security patch level fixed 7 vulnerabilities, 6 in […]

Android Security Bulletin for February 2018 – Google has fixed tens of vulnerabilities for Android OS, including several critical remote code execution (RCE) flaws. The Android Security Bulletin for February 2018 addresses 26 vulnerabilities in the mobile operating system, most of which are elevation of privilege flaws. The 2018-02-01 security patch level fixed 7 vulnerabilities, 6 in […]

Researchers discovered a new dangerous text bomb that crashes Apple devices, only a single character of the Indian Telugu language could create the chaos. A new ‘text bomb’ threatens Apple devices, just a single character of the Indian alphabet (precisely the Telugu language, a Dravidian language spoken in India by about 70 million people) can crash your device […]

Researchers discovered a new dangerous text bomb that crashes Apple devices, only a single character of the Indian Telugu language could create the chaos. A new ‘text bomb’ threatens Apple devices, just a single character of the Indian alphabet (precisely the Telugu language, a Dravidian language spoken in India by about 70 million people) can crash your device […]

Lorenzo Franceschi-Bicchierai published an interesting post on SIM hijacking highlighted the risks for the end users and their exposure to this illegal practice. In 2017, hackers stole some personal information belonging to T-Mobile customers by exploiting a well-known vulnerability. A video tutorial titled ‘T-Mobile Info Disclosure exploit’ showing how to use the flaw was also published […]

Android P, is expected to include a neat feature that prevents apps running in the background from spying on you through the camera or microphone on your cell phone. Do you cover the lens on your webcam to prevent someone from spying on you? You should, and it seems like every security vendor has a […]

The Israeli mobile forensics firm Cellebrite has designed a technology that allows it to unlock almost any iPhone, including the latest iPhone X. We have debated for a long time the legal dispute between Apple and the FBI for unlocking the San Bernardino shooter’s iPhone 5c. The tech giant refused to help the US authorities to unlock the mobile […]

The Israeli mobile forensics firm Cellebrite has designed a technology that allows it to unlock almost any iPhone, including the latest iPhone X. We have debated for a long time the legal dispute between Apple and the FBI for unlocking the San Bernardino shooter’s iPhone 5c. The tech giant refused to help the US authorities to unlock the mobile […]

RedDrop malware is a recently discovered mobile threat that can steal data from infected devices and also record ambient audio. Security researchers at Wandera have spotted a new sophisticated family of mobile malware dubbed RedDrop that can steal data, record audio, and intercept SMS. All data stolen from infected systems is uploaded to remote file storage systems. […]

RedDrop malware is a recently discovered mobile threat that can steal data from infected devices and also record ambient audio. Security researchers at Wandera have spotted a new sophisticated family of mobile malware dubbed RedDrop that can steal data, record audio, and intercept SMS. All data stolen from infected systems is uploaded to remote file storage systems. […]

Security researchers at Dr.Web have discovered over 40 models of low-cost Android smartphones are shipped with the dreaded Android Triada banking malware. Security researchers at Antivirus firm Dr.Web have discovered that 42 models of low-cost Android smartphones are shipped with the Android.Triada.231 banking malware. “In the middle of 2017, Doctor Web analysts discovered a new Trojan Android.Triada.231 in the firmware of some […]

Security researchers at Dr.Web have discovered over 40 models of low-cost Android smartphones are shipped with the dreaded Android Triada banking malware. Security researchers at Antivirus firm Dr.Web have discovered that 42 models of low-cost Android smartphones are shipped with the Android.Triada.231 banking malware. “In the middle of 2017, Doctor Web analysts discovered a new Trojan Android.Triada.231 in the firmware of some […]

A group of researchers discovered a number of weaknesses in the 4G LTE networks that could be exploited by attackers to eavesdrop on phone calls and text messages, knock devices offline, track location, and spoof emergency alerts. A group of researchers from Purdue and the University of Iowa have discovered a number of vulnerabilities affecting the […]

Security experts at Palo Alto Networks discovered a new Android Trojan dubbed TeleRAT that uses Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT appears to be originating from and/or to be targeting individuals in Iran, experts found similarities with another Android malware dubbed IRRAT Trojan, which also leverages […]

Security experts at Palo Alto Networks discovered a new Android Trojan dubbed TeleRAT that uses Telegram Bot API to communicate with the command and control (C&C) server and to exfiltrate data. TeleRAT appears to be originating from and/or to be targeting individuals in Iran, experts found similarities with another Android malware dubbed IRRAT Trojan, which also leverages […]

A vulnerability in the iOS Camera App could be exploited by hackers to redirect users to a malicious website, the issue affects the built-in QR code reader. The iOS Camera App is affected by a bug that could be exploited by hackers to redirect users to a malicious website, the issue resides in the built-in QR code […]

  Security researchers discovered a new Android Remote Access Trojan (RAT) dubbed KevDroid that can steal private data and record phone calls. Security researchers at South Korean cybersecurity firm ESTsecurity have discovered a new strain of Android Trojan KevDroid that is being distributed disguised as a fake anti-virus application, dubbed “Naver Defender.” “Spear phishing attacks targeting Android […]

Probably you don’t know that many Android smartphone vendors fail to roll out Google’s security patches and updates exposing the users to severe risks. Researchers at Security Research Labs (SRL) that the problem also involves major vendors, including HTC, Huawei, and Motorola. In some cases, manufacturers roll out incomplete security patches leaving the devices vulnerable to […]

Google announced that iOS users can now benefit from Google prompt feature via their Gmail application. Security and usability are crucial requirements for Google. Google announced that iOS users can now receive Google prompts via their Gmail application. “In 2017, we made Google prompt the primary choice for G Suite users turning on two-step verification for the first […]

Former NSA expert and white hat hacker Patrick Wardle has released an app named Do Not Disturb app that can be used to detect attacks powered by attackers with physical access to the device (so-called “evil maid” attacks). Patrick Wardle app Version 1.0.0 was built explicitly to protect unattended laptops continually monitors the system for events that may […]

A team of experts has devised the GLitch attack technique that leverages graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. A team of experts has demonstrated how to leverage graphics processing units (GPUs) to launch a remote Rowhammer attack against Android smartphones. By exploiting the Rowhammer attackers hackers can obtain higher kernel […]

Google releases additional Meltdown mitigations for Android as part of the May 2018 Android Security Bulletin. The tech giant also addresses flaws in NVIDIA and Qualcomm components. Both Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive data. The Meltdown attack (CVE-2017-5754 vulnerability) could allow attackers to read the entire physical memory of the […]

Roaming Mantis malware initially targeting Android devices, now has broadened both its geographic range and its targets. Security experts from Kaspersky Lab discovered that the operators behind the Roaming Mantis campaign continue to improve their malware broadening their targets, their geographic range and their functional scope. Roaming Mantis surfaced in March 2018 when hacked routers in Japan […]

Experts from Chinese jailbreakers Pangu Lab, have recently discovered the ZipperDown flaw that could affect roughly 10% of iOS Apps. ZipperDown, is a recently discovered vulnerability that could affect thousands of iOS apps and maybe also Android users. The ZipperDown flaw was first reported by experts from Chinese jailbreakers Pangu Lab,  that described it as described as a programming error. The experts estimate […]

Researchers from Avast the antivirus firm are investigating the discovery of pre-installed malware found in 141 low-cost Android devices in over 90 countries. Security experts from Antivirus firm Avast have discovered a new case of pre-installed malware on low-cost Android devices, crooks injected the malicious code in the firmware of 141 models. The operation is […]