Samsung Knox flaws open unpatched devices to compromise
Researchers from Viral Security Group have discovered three vulnerabilities in Samsung Knox, a security platform that allows users to maintain separate identities for work and …
DressCode Android malware found in 3,000 apps
When Check Point researchers unearthed more than 40 apps on Google Play (and 400 on third party app stores) infected with the so-called DressCode malware in late October, it …
Mobile security stripped bare: Why we need to start again
We’re all familiar with the cartoon image of a character stopping a water leak by plugging a finger into the hole, only for another leak to start, needing another finger, and …
Xiaomi smartphones come equipped with backdoor
When you buy a new mobile device with certain apps already pre-installed on, you’re effectively forced to trust that the device maker or reseller (depending on who …
Bogus Pokémon GO guide app roots Android devices
The popularity of Pokémon GO is apparently on the wane, but there are still more than enough players to make it a good lure for cyber crooks. In fact, fake apps like the …
Android apps based on Adobe AIR SDK send out unencrypted data
Developers using the Adobe AIR SDK should update to the latest version of the software development kit and rebuild the apps as soon as possible if they don’t want their …
Gugi banking Trojan outsmarts Android 6 security
A modification of the Gugi banking Trojan that can bypass Android 6 security features designed to block phishing and ransomware attacks. The modified Trojan forces users into …
Twitter-controlled Android backdoor delivers banking malware
A backdoor Trojan named Twitoor is the first instance of Android malware that receives its commands from a Twitter account. Keeping their botnet out of law enforcement’s …
Android 7.0 Nougat is out, with new security features
Google has released Android 7.0 Nougat, and the newest version of the popular mobile OS is already being rolled out to Google’s existing Nexus devices. “Today, and …
Attackers can hijack unencrypted web traffic of 80% of Android users
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM …
Google Duo: Simple, encrypted, video calling app
Google Duo is a simple 1-to-1 video calling app available for Android and iOS. In order to use Google Duo all you need is your phone number, no separate account is necessary. …
Spoofing boarding pass QR codes with simple app
Przemek Jaroszewski, the head of Poland’s CERT, says anyone can bypass the security of the automated entrances of airlines’ airport lounges by using a specially …
Featured news
Resources
Don't miss
- Avoiding vendor lock-in when using managed cloud security services
- The CISO’s dilemma of protecting the enterprise while driving innovation
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence