Tag: android
-
Spyware maker caught distributing malicious Android apps for years
Italian company SIO, which sells to government customers, is behind an Android spyware campaign called Spyrtacus that spoofed popular apps like WhatsApp, per security researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/13/spyware-maker-caught-distributing-malicious-android-apps-for-years/
-
RedNote App Security Flaw Exposes User Files on iOS and Android Devices
Serious security vulnerabilities have been uncovered in the popular social media and content-sharing app, RedNote, compromising the privacy and security of millions of users globally. Researchers revealed critical flaws allowing attackers to intercept sensitive user data, access device files, and exploit insecure encryption mechanisms on iOS and Android platforms. The app’s use of inadequate cryptographic…
-
Btmob RAT: A New Evolution of Android Malware Targets Users via Phishing Sites
A newly discovered Android malware, Btmob RAT, has been identified as a major threat to mobile users. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/btmob-rat/
-
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
Tags: access, advisory, android, apt, attack, authentication, best-practice, cve, cyber, data, exploit, firmware, flaw, group, Internet, lazarus, linux, malicious, microsoft, network, north-korea, ntlm, office, rce, remote-code-execution, service, technology, tool, update, vulnerability, windows, zero-day3Critical 52Important 0Moderate 0Low Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update…
-
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content.”Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data,” a…
-
Apple issues emergency patches to contain an ‘extremely sophisticated attack’ on targeted individuals
Security researcher uncovers the exploit: The vulnerability was discovered by Bill Marczak, a senior researcher at Citizen Lab, a digital rights research group at the University of Toronto’s Munk School.Marczak took to social media to urge users to update their devices immediately, stating: “Update your iPhones”¦ again! iOS 18.3.1 out today with a fix for…
-
Chinese DeepSeek AI App: FULL of Security Holes Say Researchers
Xi knows if you’ve been bad or good: iPhone app sends unencrypted data to China”, and Android app appears even worse. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/deepseek-ai-app-security-privacy-richixbw/
-
Widespread Android Malware Campaign Hits India
First seen on scworld.com Jump to article: www.scworld.com/brief/widespread-android-malware-campaign-hits-india
-
Malware war auch im App Store: Stealer klauen Passwörter per OCR aus Screenshots
Die auf Android wie iOS abzielende Malware steckt in unscheinbar wirkenden Apps. Diese erschleichen sich Zugriff auf Fotos und nutzen Texterkennung. First seen on heise.de Jump to article: www.heise.de/news/Klaut-Passwoerter-aus-Screenshots-Stealer-Apps-erstmals-im-App-Store-gesichtet-10273411.html
-
1,000 Apps Used in Malicious Campaign Targeting Android Users in India
Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications. The post 1,000 Apps Used in Malicious Campaign Targeting Android Users in India appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/1000-apps-used-in-malicious-campaign-targeting-android-users-in-india/
-
New Banking Attacking Users of Indian banks to Steal Aadhar, PAN, ATM Credit Card PINs
A sophisticated malware campaign, dubbed >>FatBoyPanel,
-
U.S. CISA adds Linux kernel flaw to its Known Exploited Vulnerabilities catalog
Tags: android, attack, cisa, cve, cybersecurity, exploit, infrastructure, kev, linux, vulnerability, zero-dayU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Linux kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Linux kernel vulnerability, tracked as CVE-2024-53104, to its Known Exploited Vulnerabilities (KEV) catalog. The February 2025 Android security updates addressed 48 vulnerabilities, the zero-day flaw CVE-2024-53104 which is actively exploited in attacks…
-
Crypto-stealing apps found in Apple App Store for the first time
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/
-
Crypto-stealing iOS, Android malware found on App Store, Google Play
A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/crypto-stealing-ios-android-malware-found-on-app-store-google-play-sparkcat-malicious-sdk/
-
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/mobile/google-play-apple-app-store-apps-caught-stealing-crypto-wallets/
-
Android security update includes patch for actively exploited vulnerability
The monthly update closes 47 security vulnerabilities in total. First seen on cyberscoop.com Jump to article: cyberscoop.com/android-security-update-february-2025/
-
Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access
On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been identified as a significant security risk. This vulnerability allows attackers to execute remote code (RCE),…
-
Android-Updates im Februar schließen gefährliche Sicherheitslücken
Zum Patch-Tuesday hat Google wie gewohnt Aktualisierungen bereit gestellt. Die neuen Android-Updates können vor Angriffen schützen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/android-updates-im-februar-schliessen-gefaehrliche-sicherheitsluecken-309548.html
-
Vulnerability Patched in Android Possibly Exploited by Forensic Tools
The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild. The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vulnerability-patched-in-android-possibly-exploited-by-forensic-tools/
-
Sicherheit: Zero-Day-Lücke im Android-Kernel wird aktiv ausgenutzt
Google hat mehr als 40 Schwachstellen in Android gepatcht. Eine davon wird aktiv ausgenutzt, eine andere gilt als kritisch und betrifft Qualcomm-Chips. First seen on golem.de Jump to article: www.golem.de/news/sicherheit-zero-day-luecke-im-android-kernel-wird-aktiv-ausgenutzt-2502-193017.html
-
Patchday Android: Angreifer nutzen Kernel-Sicherheitslücke aus
Es sind wichtige Sicherheitsupdates für Android 12, 12L, 13, 14 und 15 erschienen. Angreifer können Geräte kompromittieren. First seen on heise.de Jump to article: www.heise.de/news/Patchday-Android-Angreifer-nutzen-Kernel-Sicherheitsluecke-aus-10268408.html
-
Google patches odd Android kernel security bug amid signs of targeted exploitation
Also, Netgear fixes critical router, access point vulnerabilities First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/google_android_patch_netgear/
-
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild.The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC)…
-
Google fixed actively exploited kernel zero-day flaw
The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104, which is actively exploited in attacks in the wild. >>There are indications that CVE-2024-53104 may be under limited, targeted exploitation.
-
Microsoft Sets End Date for Defender VPN
Though Windows, iOS, and macOS users won’t need to make any changes, Android users are advised to remove their Defender VPN profiles. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/microsoft-sets-end-date-for-defender-vpn
-
Google fixes Android kernel zero-day exploited in attacks
The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/
-
Windows 11’s Start menu is getting iPhone and Android integration
Windows 11’s Start menu is getting a big update with full-fledged Android and iPhone integration. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/
-
Signal will let you sync old messages when linking new devices
Tags: androidSignal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/
-
Bessere Datensicherheit für Android-Handys
Google bietet neue Softwarefunktionen für Datensicherheit auf Android-Handys, vorerst Pixel mit Android 15 und Samsung mit One UI 7. First seen on heise.de Jump to article: www.heise.de/news/Bessere-Datensicherheit-fuer-Android-Handys-10254834.html