Symantec researchers have discovered that the highly popular messaging apps WhatsApp and Telegram are both vulnerable to what the researchers can “Media File Jacking,” which involves the manipulation of media files sent to users via these apps. The attack is possible due to the way WhatsApp and Telegram store media

Check Point researchers are sounding the alarm over a new strain of Android malware that has already compromised 25 million devices. The malware, referred to as Agent Smith, is capable of replacing legitimate applications with malicious copies that display rogue advertisements. The malware is delivered via seemingly benign apps on

ImmuniWeb researchers have found vulnerabilities in the web applications, APIs and/or mobile apps of 97 of the 100 largest financial organizations in the world, which are located across 22 countries. The report shows that 85 online banking apps where not compliant with GDPR, while 49 were not compliant with PCI

Researchers with Kaspersky have uncovered new versions of the notorious FinSpy malware in the wild. The malware, which has been found on both iOS and Android devices, is designed to steal information such as contact lists, text messages, emails, GPS location data and much more. In fact, FinSpy can “monitor

A new Wandera report looks at the mobile threats targeting financial services firms. It shows that phishing accounts for the majority (57%) of attacks, which is significantly higher than the average across other industries (42%). Man-in-the-middle attacks are also more common in the financial services sector (36%) than in other

A fake app claiming to automate the process of installing firmware updates for Samsung devices, has been downloaded over 10 million times. While Updates for Samsung is available for download on Google Play, the official Android store, a recent analysis depicts it as a fraudulent product designed to make money

Security researchers with Wandera recently discovered that a seemingly legitimate Android mobile game available on Google Play actually targeted users with adware, and phishing attacks aimed at stealing Google account credentials. The game, called Scary Granny, was downloaded by 50,000 users before Google was informed about is malicious nature by

A new RiskIQ shows that the number of blacklisted mobile apps increased by 15% between Q4 of 2018 and Q1 of this year. However, Google is increasingly successful at barring malicious Android apps from its official app store, resulting in a 64% decrease of blacklisted apps hosted on Google Play

A new report by Positive Technologies underscores the prevalence of serious security flaws in mobile applications. The most common type of vulnerability is insecure data storage, which affects 76% of all mobile apps. Insecure data storage may under certain conditions be exploited by threat actors in order to obtain unauthorized

Security firm Cellebrite claims it has found a way to unlock iPhones and other devices running iOS 7 to iOS 12.3. The company says that it can “bypass or determine locks and perform a full file system extraction” by using “sophisticated algorithms to minimize unlock attempts.” The Israeli company is