Android malware is booming
Trend Micro’s January prediction that some 11,000 pieces of Android malware will be detected by June this year has proved completely inaccurate, as the number of …
Android gets safer with full ASLR implementation
Last week’s release of Jelly Bean (v 4.1+), the latest version of Google’s Android, was a big step for the company security-wise, as the hugely popular mobile …
Instagram “Friendship Vulnerability” patched
A flaw in the popular Instagram app that allows potential snoopers to add themselves as friends of any Instagram user and, consequently, to access his or hers private …
Android Trojan attacks European banks
Recently Trusteer discovered the first Tatanga-based man in the mobile (MITMO) attack as well as new SPITMO configurations which are targeting Android mobile banking users in …
New Android Trojan secretly buys apps
Even though malicious Android apps can occasionally be found on Google Play, Chinese third-party online Android markets are known for offering them by the hundreds, if not …
Phonebook-slurping, spam-sending app found in App Store
A malicious app that slurps mobile users’ phonebooks and uploads them to a remote server has been spotted being offered both on Google Play and Apple’s App Store. …
Researchers develop Android clickjacking rootkit
A group of researchers from North Carolina State University have managed to create a proof-of-concept rootkit for the Android OS that is able to hijack the clicks made by the …
Facebook API bug deletes contact info on users’ phones
If you thought that Facebook’s recent unannounced change of its users’ email address tied with their account to Facebook ones was bad, you’ll be livid if you …
SMS Trojan masquerades as Firefox for Android
Android users who have a preference for Russian third-party online Android markets should be on the lookout for a malware posing as the Firefox browser. The developers of this …
DroidSheep: Android tool for session hijacking
DroidSheep is a simple Android tool for web session hijacking (sidejacking). It listens for HTTP packets sent via a wireless (802.11) network connection and extracts the …
Investigating Android permissions
Georgia Weidman is the founder of Bulb Security. She’s also a penetration tester, security researcher, and trainer. In this video recorded at Hack in The Box 2012 …
App retrieving contactless credit card details pulled from Google Play
The Near Field Communication (NFC) protocol – supported and present on the latest smartphones – can be misused to steal data, say Symantec researchers. They tested …