PayMyTab Exposes Data of US Restaurant Goers
PayMyTab, a mobile payments provider, exposed the data of thousands of customers for 16 months after failing to follow security protocols on Amazon Web Services (AWS). Data exposed in the privacy breach includes personally-identifying information of customers who had requested a receipt from their dining experience be emailed or texted
New Android Threat: Google Confirms Malicious Apps Removed From Play Store—Uninstall Now
Researchers with Wandera have discovered yet another set of malicious apps on the Google Play Store. The seven apps included a calculator, an alarm clock, two flashlight apps and three magnifier apps. While the apps do not contain malware when installed, they are “droppers” designed to download malicious “payload” apps
Hackers Claim ‘Any’ Smartphone Fingerprint Lock Can Be Broken In 20 Minutes
Security researchers with Tencent’s X-Lab have found a way to use photographs of fingerprints in order to beat the fingerprint scanner on virtually all Android phones as well as iPhone 8 and older iPhone devices. Moreover, a demonstration of the technique at the GeekPwn 2019 conference in Shanghai showed that
Android bug lets hackers plant malware via NFC beaming
A serious flaw in the Android operating system could have allowed threat actors to distribute malware via NFC beaming, an Android service that uses NFC (Near-Field Communication) radio waves in order to transfer data and software to other nearby devices that have NFC enabled. Last month, Google issued a patch
Sketchy Android keyboard app with 40M downloads makes money off unauthorized purchases
A popular unofficial Android keyboard app that has been installed more than 40 million times, secretly engages in click-fraud and steals money from users by signing them up to paid subscriptions without their knowledge, researchers with Upstream have discovered. While the Ai.type app was actually booted from the Google Play
xHelper Trojan Variant Reinstalls Itself After Removal, Infects 45K
In the past 6 months, an Android Trojan called xHelper has infected over 45,000 devices, mostly in the US, India and Russia. The number of infected devices is still growing every day. Symantec warns that xHelper seems to be virtually impossible to remove, since even factory resets do not get
Companies unprepared to deal with mobile attacks, synthetic identity fraud, CCPA compliance
92% of companies are worried about synthetic identity fraud (SIF), and 40% have noted a rise in SIF in the past year, according to a new survey by IDology. Mobile attacks have also increased by 40% in the same period. The rise of SIF and mobile attacks is especially considering
Blacklisted apps increase 20%, attackers focus on tax-branded key terms
The number of blacklisted mobile apps that are available on third-party app stores has increased by 20% in the second quarter of this year, a new RiskIQ report shows. These malicious apps make up 2% of all apps. Surprisingly, blacklisted app in the Google Play Store actually declined by 59%.
iOS Clicker Trojan Malware Found in 17 Apps in Apple’s App Store
Researchers with Wandera Threat Labs have uncovered 17 malicious iOS apps on the Apple App Store that carried out ad fraud on infected iPhones, iPads, and iPods. After installation, a clicker Trojan in the apps would start running in the background, simulating ad clicks and opening web pages. The researchers
Ongoing Phishing Campaign is Targeting UN and NGOs
Threat actors are targeting the United Nations (UN) and several NGOs in a mobile phishing campaign that aims to capture login credentials for Okta, Office 365 and Outlook accounts, research by Lookout shows. The phishing websites check whether users are using a mobile device in order to deliver relevant content.