Mobile

Spoofing an Apple device and tricking users into sharing sensitive data

White hat hackers at the recent hacking conference Def Con demonstrated how to spoof an Apple device and trick users into sharing their sensitive data. At the recent Def Con hacking conference, white hat hackers demonstrated how to spoof an Apple device and trick users into sharing their sensitive data. As reported by Techcrunch, attendees […]

The post Spoofing an Apple device and tricking users into sharing sensitive data appeared first on Security Affairs.

August 21, 2023
0 comment
Read More >>

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection

Threat actors are using Android Package (APK) files with unsupported compression methods to prevent malware analysis. On June 28th, researchers from Zimperium zLab researchers observed that Joe Sandbox announced the availability of an Android APK that could not be analyzed from most of the anti-decompilation tools. The APT could be installed on Android devices running […]

The post Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection appeared first on Security Affairs.

August 19, 2023
0 comment
Read More >>

Experts devise an exploit for Apple iOS 16 that relies on fake Airplane Mode

Researchers detailed a new exploit for Apple iOS 16 that can allow attackers to gain access to a device even when the victim believes it is in Airplane Mode. Jamf Threat Labs researchers developed a post-exploit persistence technique on iOS 16 that trick victims into believing that the device is in functional Airplane Mode. In […]

The post Experts devise an exploit for Apple iOS 16 that relies on fake Airplane Mode appeared first on Security Affairs.

August 17, 2023
0 comment
Read More >>

43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off

Experts found 43 Android apps in Google Play with 2.5 million installs that displayed advertisements while a phone’s screen was off. Recently, researchers from McAfee’s Mobile Research Team discovered 43 Android apps in Google Play with 2.5 million installs that loaded advertisements while a phone’s screen was off. The experts pointed out that this behavior […]

The post 43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off appeared first on Security Affairs.

August 8, 2023
0 comment
Read More >>

Attackers use dynamic code loading to bypass Google Play store’s malware detections

Threat actors rely on the ‘versioning’ technique to evade malware detections of malicious code uploaded to the Google Play Store. Google Cybersecurity Action Team (GCAT) revealed that threat actors are using a technique called versioning to evade malware detection implemented to detect malicious code uploaded to the Google Play Store. The technique is not new […]

The post Attackers use dynamic code loading to bypass Google Play store’s malware detections appeared first on Security Affairs.

August 4, 2023
0 comment
Read More >>

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Researchers at cybersecurity firm […]

The post Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group appeared first on Security Affairs.

July 21, 2023
0 comment
Read More >>

Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug

Apple released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address an actively exploited zero-day. Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw, tracked as CVE-2023-37450, that has been actively exploited in the wild. Tricking the victim into processing specially crafted web content may lead to […]

The post Apple issued Rapid Security Response updates to fix a zero-day but pulled them due to a Safari bug appeared first on Security Affairs.

July 11, 2023
0 comment
Read More >>

Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution. These tools are used by criminals involved in online-banking theft to impersonate compromised account holders and […]

The post Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud appeared first on Security Affairs.

July 11, 2023
0 comment
Read More >>

Two spyware sending data of more than 1.5M users to China were found in Google Play Store

Two apps on the Google Play Store with more than 1.5 million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hinding spyware and spying on up to 1.5 million users. Both applications are file management apps from the same […]

The post Two spyware sending data of more than 1.5M users to China were found in Google Play Store appeared first on Security Affairs.

July 9, 2023
0 comment
Read More >>

Google addressed 3 actively exploited flaws in Android

Google released July security updates for Android that addressed tens of vulnerabilities, including three actively exploited flaws. July security updates for Android addressed more than 40 vulnerabilities, including three flaws that were actively exploited in targeted attacks. “There are indications that the following may be under limited, targeted exploitation.” reads the security bulletin. The CVE-2023-26083 is […]

The post Google addressed 3 actively exploited flaws in Android appeared first on Security Affairs.

July 8, 2023
0 comment
Read More >>