20 Nov 2019

PayMyTab Exposes Data of US Restaurant Goers

PayMyTab, a mobile payments provider, exposed the data of thousands of customers for 16 months after failing to follow security protocols on Amazon Web Services (AWS). Data exposed in the privacy breach includes personally-identifying information of customers who had requested a receipt from their dining experience be emailed or texted

Read More
07 Nov 2019

New Android Threat: Google Confirms Malicious Apps Removed From Play Store—Uninstall Now

Researchers with Wandera have discovered yet another set of malicious apps on the Google Play Store. The seven apps included a calculator, an alarm clock, two flashlight apps and three magnifier apps. While the apps do not contain malware when installed, they are “droppers” designed to download malicious “payload” apps

Read More
04 Nov 2019

Hackers Claim ‘Any’ Smartphone Fingerprint Lock Can Be Broken In 20 Minutes

Security researchers with Tencent’s X-Lab have found a way to use photographs of fingerprints in order to beat the fingerprint scanner on virtually all Android phones as well as iPhone 8 and older iPhone devices. Moreover, a demonstration of the technique at the GeekPwn 2019 conference in Shanghai showed that

Read More
04 Nov 2019

Android bug lets hackers plant malware via NFC beaming

A serious flaw in the Android operating system could have allowed threat actors to distribute malware via NFC beaming, an Android service that uses NFC (Near-Field Communication) radio waves in order to transfer data and software to other nearby devices that have NFC enabled. Last month, Google issued a patch

Read More
04 Nov 2019

Sketchy Android keyboard app with 40M downloads makes money off unauthorized purchases

A popular unofficial Android keyboard app that has been installed more than 40 million times, secretly engages in click-fraud and steals money from users by signing them up to paid subscriptions without their knowledge, researchers with Upstream have discovered. While the Ai.type app was actually booted from the Google Play

Read More
30 Oct 2019

xHelper Trojan Variant Reinstalls Itself After Removal, Infects 45K

In the past 6 months, an Android Trojan called xHelper has infected over 45,000 devices, mostly in the US, India and Russia. The number of infected devices is still growing every day. Symantec warns that xHelper seems to be virtually impossible to remove, since even factory resets do not get

Read More
29 Oct 2019

Companies unprepared to deal with mobile attacks, synthetic identity fraud, CCPA compliance

92% of companies are worried about synthetic identity fraud (SIF), and 40% have noted a rise in SIF in the past year, according to a new survey by IDology. Mobile attacks have also increased by 40% in the same period. The rise of SIF and mobile attacks is especially considering

Read More
25 Oct 2019

Blacklisted apps increase 20%, attackers focus on tax-branded key terms

The number of blacklisted mobile apps that are available on third-party app stores has increased by 20% in the second quarter of this year, a new RiskIQ report shows. These malicious apps make up 2% of all apps. Surprisingly, blacklisted app in the Google Play Store actually declined by 59%.

Read More
25 Oct 2019

iOS Clicker Trojan Malware Found in 17 Apps in Apple’s App Store

Researchers with Wandera Threat Labs have uncovered 17 malicious iOS apps on the Apple App Store that carried out ad fraud on infected iPhones, iPads, and iPods. After installation, a clicker Trojan in the apps would start running in the background, simulating ad clicks  and opening web pages. The researchers

Read More
25 Oct 2019

Ongoing Phishing Campaign is Targeting UN and NGOs

Threat actors are targeting the United Nations (UN) and several NGOs in a mobile phishing campaign that aims to capture login credentials for Okta, Office 365 and Outlook accounts, research by Lookout shows. The phishing websites check whether users are using a mobile device in order to deliver relevant content.

Read More