Cryptocurrency-mining script planted in apps on Google Play
Coinhive’s cryptocurrency-mining script has found its way into mobile apps offered on Google Play. Trend Micro researchers have spotted two apps that have been equipped …
Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks
A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …
Beware fake Android cryptocurrency trading apps on Google Play
Two phishing apps that were made to look like the official app of popular cryptocurrency exchange Poloniex have been booted off Google Play after ESET researchers notified …
Google wants bug hunters to probe popular Android apps for bugs
Google has started another bug bounty initiative: the Google Play Security Reward Program. While the name of the program might suggest that bug hunters will be after …
Millions download botnet-building malware from Google Play
Researchers have discovered a new batch of malicious apps on Google Play, some of which have been downloaded and installed on some 2.6 million devices. The apps’ …
Android DoubleLocker ransomware encrypts data, changes device PIN
A new piece of ransomware is targeting Android users. Dubbed DoubleLocker, it both encrypts users’ files and changes the device’s PIN. About DoubleLocker Lukáš …
Top blacklisted Android and iOS apps by enterprises
Enterprises blacklist apps for a range of security concerns, including specific malicious or data leakage behaviors, security policy compliance and concerns about shadow data …
DJI launches privacy mode for drone operators
DJI launched a new Local Data Mode that stops internet traffic to and from its DJI Pilot app, in order to provide enhanced data privacy assurances for sensitive government and …
Android unlock patterns are a boon for shoulder surfing attackers
The “swiping” unlock patterns typical for Android devices are considerably easier for attackers to discern than PIN combinations. In fact, after only one …
Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …
Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …
Tech firms band together to take down Android DDoS botnet
An ad-hoc alliance of tech firms has managed to seriously cripple an Android-based botnet that was being actively used to DDoS multiple content providers. The botnet, dubbed …