Targeting smartphones started to be increasingly appealing to cybercriminals as these devices become more and more important in users’ lives. In 2021, 6.3 billion people owned a smartphone worldwide, according to Statista.com and it is expected that ma…
The PCI Security Standards Council (PCI SSC) is pleased to announce the release of its new mobile app. The PCI SSC mobile app allows for more direct engagement with payment industry stakeholders, including instant notification of Counc…
Experts spotted new Android spyware that was used by China-linked threat actors to spy on the Uyghur community in China. Researchers from Cyble Research & Intelligence Labs (CRIL) started their investigation after MalwareHunterTeam experts shared information about a new Android malware used to spy on the Uyghur community. The malware disguised as a book titled “The China […]
The post A new Android malware used to spy on the Uyghur Community appeared first on Security Affairs.
Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. The experts pointed out that most of the apps containing hard-coded Amazon Web Services […]
The post 1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials appeared first on Security Affairs.
Microsoft discovered a vulnerability in the TikTok app for Android that could lead to one-click account hijacking. Microsoft researchers discovered a high-severity flaw (CVE-2022-28799) in the TikTok Android app, which could have allowed attackers to hijack users’ accounts with a single click. The experts state that the vulnerability would have required the chaining with other […]
The post A flaw in TikTok Android app could have allowed the hijacking of users’ accounts appeared first on Security Affairs.
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. The Vx-undergroud researchers shared some images of several confidential documents that appear to be […]
The post Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit appeared first on Security Affairs.
Experts found backdoors in budget Android device models designed to target WhatsApp and WhatsApp Business messaging apps. Researchers from Doctor Web discovered backdoors in the system partition of budget Android device models that are counterfeit versions of famous brand-name models. The malware targets WhatsApp and WhatsApp Business messaging apps and can allow attackers to conduct […]
The post Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business appeared first on Security Affairs.
Many people opt for encrypted messaging services because they like the additional layers of privacy they offer. They allow users…
The post Encrypted Messaging Service Hack Exposes Phone Numbers appeared first on McAfee Blog.
Apple addressed two zero-day vulnerabilities, exploited by threat actors, affecting iOS, iPadOS, and macOS devices. Apple this week released security updates for iOS, iPadOS, and macOS platforms to address two zero-day vulnerabilities exploited by threat actors. Apple did not share details about these attacks. The two flaws are: CVE-2022-32893 – An out-of-bounds issue in WebKit which. An attacker can trigger the […]
The post Apple fixed two new zero-day flaws exploited by threat actors appeared first on Security Affairs.
Researchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development. Recently, researchers from ThreatFabric discovered a previously undetected Android dropper, dubbed BugDrop, which is under active development and was designed to bypass security features that will be implemented in the next release of the Google OS. The experts noticed something unusual in the […]
The post Bugdrop dropper includes features to circumvent Google’s security Controls appeared first on Security Affairs.