Bug hunters can get up to $450,000 for an RCE in Google’s Android apps
Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. “We increased reward amounts by …
Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands …
Drozer: Open-source Android security assessment framework
Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The …
MobSF: Open-source security research platform for mobile apps
The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile. MobSF can be used for …
RiskInDroid: Open-source risk analysis of Android apps
RiskInDroid (Risk Index for Android) is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. How RiskInDroid works …
Inside the book: Androids – The Team That Built the Android Operating System
In 2004, Android was two people who wanted to build camera software but couldn’t get investors interested. Android is a large team at Google today, delivering an OS to …
Google Play will mark independently validated VPN apps
Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data …
Google Play Protect takes on malicious apps with code-level scanning
Google is enhancing Google Play Protect’s real-time scanning to include code-level scanning, to keep Android devices safe from malicious and unwanted apps, especially …
Sic Permission Slip on data brokers that use your data
Permission Slip, an iPhone and Android app developed by Consumer Reports, helps users ask companies and data brokers to stop sharing their personal data and/or delete it. The …
Backdoored Android phones, TVs used for ad fraud – and worse!
A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human …
Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm …
Code alterations more prevalent in Android apps than iOS
57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) apps facing the highest risk, according to Digital.ai. The study found no correlation between …