Tag: mobile
-
Koreans Hacked, Blackmailed by 250+ Fake Mobile Apps
A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/koreans-hacked-blackmailed-250-fake-mobile-apps
-
Apple pushes almost 30 security fixes in mobile update
Apple pushes what will likely be the last major security update to its current iPhone and iPad operating systems, fixing 29 vulnerabilities in its mobile ecosystem First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628089/Apple-pushes-almost-30-security-fixes-in-mobile-update
-
Keeper Security Releases Mobile Platform Updates for iOS and Android
Keeper Security has announced significant updates to its mobile apps for iOS and Android. The updates will bring users a smarter, smoother and more secure way to manage passwords, passkeys and sensitive data on the go. The updated Keeper mobile apps will be available in app stores soon. As smartphones become a primary point of…
-
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that’s targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car service apps to steal sensitive personal data.The cross-platform threat has been codenamed SarangTrap by Zimperium zLabs. Users in South Korea appear to be the primary focus.”This extensive campaign involved First…
-
Cyble Uncovers RedHook Android Trojan Targeting Vietnamese Users
Cybersecurity researchers at Cyble Research and Intelligence Labs (CRIL) have uncovered a new Android banking trojan called RedHook that is actively targeting Vietnamese mobile users. The malware is distributed via carefully crafted phishing sites impersonating trusted financial and government agencies. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/redhook-android-banking-trojan-exploiting/
-
Präzise statt spekulative Kontrolle für mobile Datenströme
Tags: mobileDie meisten Unternehmen gehen davon aus, dass ein mobiles Gerät oder Ding automatisch abgesichert ist, sobald es sich mit einem Mobilfunknetz verbindet. In der Realität trifft diese Annahme leider nur selten zu. Sobald eine SIM-Karte aktiv ist und eine Verbindung zwischen Gerät und Netzwerk besteht, kann Datenverkehr ungehindert über mobile Netzwerke und sogar über Provider-Grenzen…
-
Methods to Bypass OTP in Mobile Apps: Successful VAPT Scenarios
Tags: mobileFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/methods-to-bypass-otp-in-mobile-apps-successful-vapt-scenarios
-
Quid Miner Launches Mobile Cloud Mining App for Seamless, Secure BTC and DOGE Cryptocurrency Daily Income of $17,777
[London, UK ] July 2025 As digital assets continue to gain mainstream adoption, investors are turning to innovative tools that simplify how they participate in the crypto economy. Quid Miner, a UK-based platform, is leading this shift with a sleek, mobile-first application that enables users across 180+ countries to earn crypto directly from their […]…
-
SonicWall SMA 100 Vulnerabilities Allow Remote Execution of Arbitrary JavaScript
Cybersecurity vendor SonicWall issued a critical advisory highlighting three serious vulnerabilities affecting its Secure Mobile Access (SMA) 100 series appliances. Impacting SMA 210, SMA 410, and SMA 500v models running firmware version 10.2.1.15-81sv and earlier, the flaws could allow unauthenticated remote attackers to trigger denial-of-service conditions or execute arbitrary code and JavaScript. CVE ID Vulnerability…
-
Smashing Security podcast #427: When 2G attacks, and a romantic road trip goes wrong
Graham warns why it is high time we said goodbye to 2G – the outdated mobile network being exploited by cybercriminals with suitcase-sized SMS blasters. From New Zealand to London, scammers are driving around cities like dodgy Uber drivers, spewing phishing texts to thousands at once. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-427/
-
Surveillance Firm Exploits SS7 Flaw to Track User Locations
Tags: attack, cyber, exploit, flaw, infrastructure, intelligence, international, mobile, phone, threat, vulnerabilityA sophisticated surveillance operation has been discovered exploiting critical vulnerabilities in the global telecommunications infrastructure to track mobile phone users’ locations without authorization, security researchers have revealed. The attack leverages weaknesses in the decades-old SS7 (Signaling System No. 7) protocol that underpins international cellular networks. New Attack Method Discovered Security experts at Enea’s Threat Intelligence…
-
China’s Massistant Tool Secretly Extracts SMS, GPS Data, and Images From Confiscated Phones
Cybersecurity researchers have shed light on a mobile forensics tool called Massistant that’s used by law enforcement authorities in China to gather information from seized mobile devices.The hacking tool, believed to be a successor of MFSocket, is developed by a Chinese company named SDIC Intelligence Xiamen Information Co., Ltd., which was formerly known as Meiya…
-
Summer Vacation Alert Surfaces More Than 5 Million Unsecured Wi-Fi Networks
Zimperium, a provider of mobile security software, this week published a report that notes more than 5 million unsecured public Wi-Fi networks have been detected globally since the beginning of 2025 First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/summer-vacation-alert-surfaces-more-than-5-million-unsecured-wifi-networks/
-
Scanception Exposed: New QR Code Attack Campaign Exploits Unmonitored Mobile Access
Tags: access, attack, control, credentials, data-breach, detection, exploit, intelligence, malicious, mobile, qrCyble’s Research and Intelligence Lab (CRIL) has analyzed a new quishing campaign that leverages QR codes embedded in PDF files to deliver malicious payloads. The campaign, dubbed Scanception, bypasses security controls, harvests user credentials, and evades detection by traditional systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/scanception-qr-code-quishing-campaign/
-
Massistant: Chinese Mobile Forensic Tool Accesses SMS, Images, Audio, and GPS Data
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated mobile forensics application called Massistant, deployed by Chinese law enforcement to extract comprehensive data from confiscated mobile devices. The tool represents a significant evolution from its predecessor MFSocket, incorporating advanced capabilities to bypass device security measures and collect sensitive information including SMS messages, images, audio…
-
0-Day RCE Flaw in SonicWall SMA Devices Exploited to Launch OVERSTEP Ransomware
Tags: access, breach, credentials, cyber, cyberattack, exploit, flaw, google, group, intelligence, mobile, ransomware, rce, remote-code-execution, threat, zero-dayGoogle’s Threat Intelligence Group (GTIG) has uncovered a sophisticated cyberattack campaign targeting end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances, where threat actors are exploiting previously stolen credentials and deploying a new rootkit called OVERSTEP. The financially motivated group, tracked as UNC6148, has been operating since at least October 2024 and is suspected of…
-
SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit
Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/16/sonicwall-sma-devices-persistently-infected-with-stealthy-overstep-backdoor-rootkit/
-
SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware
A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sonicwall-sma-devices-hacked-with-overstep-rootkit-tied-to-ransomware/
-
UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit
A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP.The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a group it tracks as…
-
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This malware employs an >>evil-twin
-
No Data on Devices: How Virtual Mobile Infrastructure Changes the Game
Hypori’s Lewandowski on Eliminating Data and Apps From Personal Devices. Traditional BYOD strategies rely on managing personal devices directly, which introduces privacy concerns and leaves organizations vulnerable to attacks such as phishing, network compromise and device rooting, said Wayne Lewandowski, chief revenue officer at Hypori. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/no-data-on-devices-how-virtual-mobile-infrastructure-changes-game-a-28968
-
350M Cars, 1B Devices Exposed to 1-Click Bluetooth RCE
Mercedes, Skoda, and Volkswagen vehicles, as well as untold industrial, medical, mobile, and consumer devices, may be exposed to a vulnerable Bluetooth implementation called PerfektBlue. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/350m-cars-1b-devices-1-click-bluetooth-rce
-
Businesses are overconfident as mobile phishing scams surge
Nearly six in 10 companies experienced incidents because of voice or text phishing attacks that led to executive impersonation, according to a new report from Lookout. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/mobile-phishing-risks-lookout/752824/
-
»manage it« TechTalk: Darum stehen Mobile-First-Sicherheitsstrategien zunehmend im Fokus
Die richtige Mobile-First-Sicherheitsstrategie soll helfen, iPhone, iPad und Co. resilienter und weniger angreifbar zu machen. Warum wird das immer wichtiger und worauf sollten sich Unternehmen dabei einstellen? Darüber haben wir mit Matthew Berzinski vom Sicherheitsanbieter Ping Identity auf der European Identity Cloud Conference 2025 gesprochen. Herausgekommen ist dieses Video, in dem er außerdem sagt, wie…
-
INE Security Launches Enhanced eMAPT Certification
Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry’s most comprehensive and practical approach to mobile…
-
INE Security Launches Enhanced eMAPT Certification
Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry’s most comprehensive and practical approach to mobile…
-
Google reveals details on Android’s Advanced Protection for Chrome
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-reveals-details-on-androids-advanced-protection-for-chrome/
-
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with cybersecurity researchers identifying a significant escalation in photo theft capabilities that poses particular risks to cryptocurrency users and individuals storing sensitive information in their device galleries. SparkKitty represents a concerning evolution in mobile malware distribution,…