20 Jun 2019

76% of mobile apps have flaws allowing hackers to steal passwords, money, and texts

A new report by Positive Technologies underscores the prevalence of serious security flaws in mobile applications. The most common type of vulnerability is insecure data storage, which affects 76% of all mobile apps. Insecure data storage may under certain conditions be exploited by threat actors in order to obtain unauthorized

Read More
18 Jun 2019

Security firm claims it can unlock any iPhone

Security firm Cellebrite claims it has found a way to unlock iPhones and other devices running iOS 7 to iOS 12.3. The company says that it can “bypass or determine locks and perform a full file system extraction” by using “sophisticated algorithms to minimize unlock attempts.” The Israeli company is

Read More
06 Jun 2019

Researchers Finds Thousands of iOS Apps Ignoring Security

A new report by Wandera shows that two in three iOS app developers are knowingly violating an Apple mandate to add end-to-end encryption to their applications. In an attempt to ensure the security of iOS apps, Apple has built the App Transport Security (ATS) feature into the Swift development platform.

Read More
05 Jun 2019

Adware Hidden in Android Apps Downloaded More Than 440 Million Times

Security researchers at Lookout recently discovered hidden adware in 238 android apps that were available in the official Google Play store. The apps accounted for more than 440 million total installations. The adware was hidden in an obfuscated plugin called BeiTaAd. The plugin made it possible for the apps to

Read More
24 May 2019

Mobile Chrome, Safari, and Firefox failed to show phishing warnings for more than a year

A team of researchers from Arizona State University and PayPal staff discovered that mobile browsers including Chrome, Firefox, and Safari put users at risk between mid-2017 and late 2018 by not showing any phishing warnings to users connecting to blacklisted websites. This issue had to do with the mobile version

Read More
23 May 2019

All iPhones And Some Android Phones Are Vulnerable To A New Device Fingerprinting Attack

Cambridge University researchers have discovered a new kind of “fingerprinting attack” that could enable websites to keep track of individual users as they visit other websites using the same browser. Fingerprinting is a nightmare for people who care about their privacy. It can be used to target people with customized

Read More
23 May 2019

Fraud Attacks from Mobile Spiked 300% in Q

Cybercriminals are increasingly using rogue mobile applications to carry out fraud attacks, a new RSA report shows. In the first three months of this year, fraud associated with such apps surged by 300%. Rogue apps are malicious copies of legitimate applications. Fraud campaigns involving financial malware also increased in Q1

Read More
05 Apr 2019

Pre-Installed Security App Puts 150 Million Xiaomi Smartphone Users At Risk

Cybercriminals are increasingly going after mobile users by hiding malware in applications and trying to upload the nefarious apps to the Google Play Store. As if this isn’t bad enough, a new incident involving Chinese smartphone manufacturer Xiaomi exposes an even more potent threat, namely that of malicious or poorly

Read More
03 Apr 2019

How financial institutions are risking customer data through insecure mobile apps

New research from Aite Group and Arxan Technologies has found major security shortcomings in mobile applications offered by various financial institutions. Of the 30 apps that were inspected, 29 could easily be reverse-engineered because the code was not sufficiently protected, while 27 applications shared services with other software and 25

Read More
01 Apr 2019

Google: Malware in Google Play doubled in 2018 because of click-fraud apps

According to Google’s annual Android security report [pdf], installs of malicious apps from the Google Play Store increased by 100% in 2018. However, the company claims that the reported increase is a result of its decision to start considering click-fraud applications, also called adware, as “potentially harmful apps” (PHAs). Since adware

Read More