Google plugs Google Admin app sandbox bypass 0-day
After having had some trouble with fixing a sandbox bypass vulnerability in the Google Admin Android app, the Google Security team has finally released on Friday an update …
Google’s Android Stagefright patch is flawed
The security update released by Google last week does not provide a complete defense against attackers taking advantage of the recently unearthed Stagefright Android …
Severe deserialization vulnerabilities found in Android and third-party Android SDKs
Closely behind the discoveries of the Stagefright flaw, the hole in Android’s mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that …
Vulnerabilities in 2015: 0-days, Android vs iOS, OpenSSL
Secunia has taken an early peek at the trend in vulnerabilities for 2015, and has presented the results at Black Hat USA 2015. Seven months into the year, the number of …
Easily exploitable Certifi-gate bug opens Android devices to hijacking
Check Point’s mobile security research team discovered a vulnerability in Android that affects phones, tablets and devices made by major manufacturers including LG, …
Android users rejoice! Security updates will be coming out faster
August 5, 2015, is the date that (hopefully) marks the beginning of one of the biggest positive changes in the Android ecosystem.Adrian Ludwig, Google’s lead engineer …
New Android bug can put devices into a coma
In the wake of the explosive discovery of the Android Stagefright vulnerability, Trend Micro researchers have revealed the existence of another, similar one that can make …
Hacking Team’s RCS Android: The most sophisticated Android malware ever exposed
“As each day passes and researchers find more and more source code in the huge Hacking Team data dump, it becomes more clear what the company’s customers could do …
Hacking Team used fake app hosted on Google Play to install its spyware on Android devices
“The massive Hacking Team data leak includes the source code of a fake Android news app and instructions on how to use it, Trend Micro researchers have found. The app, …
NowSecure Lab cloud: Mobile app assessment environment
NowSecure was one of the companies that caught my attention at this year’s RSA Conference in San Francisco. While it initially seemed like a new player in the field, the …
Flawed Android backup mechanism can lead to injected malicious apps
A flaw (CVE-2014-7952) in Android’s backup/restore mechanism can be exploited by knowledgeable developers to “respawn” malicious apps on phones, and make …
Popular Android games unmasked as phishing tools
“ESET researchers have discovered a new, ingenious, yet very simple Facebook phishing scheme: playable Android games that, before they are started, ask users to enter …