Tag: mobile
-
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with cybersecurity researchers identifying a significant escalation in photo theft capabilities that poses particular risks to cryptocurrency users and individuals storing sensitive information in their device galleries. SparkKitty represents a concerning evolution in mobile malware distribution,…
-
South Korean Government Imposes Penalties on SK Telecom for Breach
Following a breach at the country’s top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/south-korea-imposes-penalties-sk-telecom-breach
-
Anatsa mobile malware returns to victimize North American bank customers
Android banking malware known as Anatsa was back for a brief but noticeable run in late June, researchers said. First seen on therecord.media Jump to article: therecord.media/anatsa-android-banking-malware-returns-north-america
-
Malware Attacks on Android Devices Surge in Q2, Driven by Banking Trojans and Spyware
Dr.Web Security Space for mobile devices reported that malware activity on Android devices increased significantly in the second quarter of 2025. Adware trojans, particularly from the Android.HiddenAds family, remained the most prevalent threat, despite an 8.62% decrease in user encounters. These trojans often disguise themselves as harmless apps or hide within system directories, concealing their…
-
NSB Warns of Cybersecurity Risks Linked to Popular Chinese Apps Like Rednote, Weibo, TikTok, WeChat, and Baidu Cloud
Taiwan’s National Security Bureau (NSB) has issued a stark warning about cybersecurity risks associated with several widely used China-developed mobile applications, including Rednote, Weibo, TikTok, WeChat, and Baidu Cloud. Following an in-depth investigation conducted in collaboration with the Ministry of Justice Investigation Bureau (MJIB) and the Criminal Investigation Bureau (CIB) under the National Police Agency,…
-
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
A mobile ad fraud operation dubbed IconAds that consisted of 352 Android apps has been disrupted, according to a new report from HUMAN.The identified apps were designed to load out-of-context ads on a user’s screen and hide their icons from the device home screen launcher, making it harder for victims to remove them, per the…
-
Verizon and T-Mobile Deny Data Breaches as Millions of User Records Sold Online
User claims to sell stolen Verizon and T-Mobile data for millions of users (online Verizon says data is old T-Mobile denies any breach and links to it. First seen on hackread.com Jump to article: hackread.com/verizon-t-mobile-deny-data-breaches-user-records-sold/
-
FBI’s mobile security recommendations lacking, senator says
Tags: mobileFirst seen on scworld.com Jump to article: www.scworld.com/brief/fbis-mobile-security-recommendations-lacking-senator-says
-
ICE’s Shiny New ‘AI’ Facial Recognition App: False Positives Ahoy!
Mobile Fortify: Liberty’s existential threat, or sensible way to ID illegal immigrants? First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/ice-facial-recognition-mobile-fortify-richixbw/
-
DOJ: Cartel Hacked Phones, Cameras to Track FBI Informants
New Report Says Mexican Cartel Hired Hacker to Identify, Track and Kill FBI Sources. A Justice Department watchdog found a Mexican cartel hired a hacker to tap mobile data and Mexico City cameras, helping track, intimidate and kill potential U.S. informants linked to El Chapo while calling for reforms to protect sensitive investigations from rapidly…
-
Fresh UK postcode tool points out best mobile network in your area
Pick a provider based on how good their local 4G and 5G coverage is First seen on theregister.com Jump to article: www.theregister.com/2025/06/27/ofcoms_postcode_checker_points_out/
-
Cisco warns of critical API vulnerabilities in ISE and ISE-PIC
Tags: access, ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisco, ciso, cloud, communications, control, credentials, data, defense, email, endpoint, exploit, firewall, flaw, framework, guide, Hardware, incident response, malicious, microsoft, mobile, network, penetration-testing, programming, risk, router, saas, sans, service, software, threat, update, vpn, vulnerability, wafroot user.The fault behind both vulnerabilities: Holes in application programming interfaces (APIs).”Take this vulnerability seriously,” said Moses Frost, senior course instructor on cloud penetration testing at the SANS Institute. “In my experience assessing networks, I have found through testing that many lack essential patches and security hardening on their core network devices. I have seen Cisco…
-
Beware of Weaponized Wedding Invite Scams Delivering SpyMax RAT to Android Devices
A sophisticated Android phishing campaign, aptly named “Wedding Invitation,” has emerged as a significant threat targeting mobile users across India. According to a detailed report from K7 Computing, this malicious operation leverages the guise of digital wedding invitations to deceive unsuspecting users into installing compromised APK files. Stealthy Phishing Campaign Distributed primarily through popular messaging…
-
Hackers claim breach of 64M T-Mobile records
First seen on scworld.com Jump to article: www.scworld.com/brief/hackers-claim-breach-of-64m-t-mobile-records
-
New SparkKitty malware targets mobile photos for cryptowallet compromise
First seen on scworld.com Jump to article: www.scworld.com/brief/new-sparkkitty-malware-targets-mobile-photos-for-cryptowallet-compromise
-
Malware on Google Play, Apple App Store stole your photos”, and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malware-on-google-play-app-store-stole-your-photos-and-crypto/
-
DuckDuckGo Browser’s Scam Blocker to Guard Against Phishing and Malware Sites
DuckDuckGo has rolled out an advanced update to its browser’s built-in Scam Blocker, a robust security feature designed to shield users from a wide array of online threats, including phishing sites, malware, and sophisticated scams. Now integrated into the DuckDuckGo browser for both desktop and mobile platforms, Scam Blocker offers protection by default, requiring no…
-
Godfather Android trojan uses virtualization to hijack banking and crypto apps
Godfather Android trojan uses virtualization to hijack banking and crypto apps, stealing user funds, warns mobile security firm Zimperium. Zimperium zLabs has uncovered a major evolution of the GodFather Android trojan, which uses on-device virtualization to hijack real banking and crypto apps. Instead of using fake overlays, the malware creates a sandbox on the victim’s…
-
Passkeys on Facebook, Messenger for mobile imminent
First seen on scworld.com Jump to article: www.scworld.com/brief/passkeys-on-facebook-messenger-for-mobile-imminent
-
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns.”Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,” PRODAFT…
-
Meta To Introduce Full Passkey Support for Facebook on Mobiles
Around half of the world’s top 100 websites have already integrated passkey support First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/meta-introduce-full-passkey-support/
-
GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps
Zimperium zLabs has uncovered a highly advanced iteration of the GodFather Android banking malware, which employs a groundbreaking on-device virtualization technique to compromise legitimate mobile banking and cryptocurrency applications. Unlike traditional overlay attacks that merely mimic login screens, this malware creates a fully isolated virtual environment on the victim’s device, enabling attackers to monitor and…
-
Godfather Android malware now uses virtualization to hijack banking apps
A new version of the Android malware “Godfather” creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/godfather-android-malware-now-uses-virtualization-to-hijack-banking-apps/
-
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns.”Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,” PRODAFT…
-
From cleaners to creepers: The risk of mobile privilege escalation
In this Help Net Security video, Nico Chiaraviglio, Chief Scientist at Zimperium, explores how Android apps can be abused to escalate privileges, giving attackers access to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/android-mobile-privilege-escalation-video/
-
GCHQ Intern Sentenced to 7 Years for Illegally Copying Secret Files to Smartphone
A former intern at the UK’s intelligence agency GCHQ has been sentenced to seven and a half years in prison after admitting to smuggling top secret data out of a secure facility using his mobile phone, in a breach described by prosecutors as a “flagrant violation” of national security protocols. Hasaan Arshad, 25, a computer…
-
Exposure Management Is the Future of Proactive Security
Tags: attack, business, cloud, compliance, corporate, cybersecurity, data, guide, identity, Internet, jobs, mobile, risk, skills, strategy, technology, threat, tool, update, vulnerability, vulnerability-managementEach Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Jorge Orchilles, Senior Director of Readiness and Proactive Security at Verizon, offers an up-close glimpse at the thinking that drove his move to exposure management. You can read the entire…
-
App Store Security Threats in 2025: Why Hackers Target Mobile Ecosystems
In 2025, app store security threats have reached unprecedented levels, driven by increasingly sophisticated cybercriminal tactics and expanding attack surfaces. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/app-store-security-threats-in-2025-why-hackers-target-mobile-ecosystems/
-
Canadian Airline WestJet Suffers Cyberattack, Halts App and Web Services
Calgary-based WestJet Airlines, Canada’s second-largest carrier, is grappling with the fallout from a significant cybersecurity incident that has disrupted access to its mobile app and internal systems. The breach, first detected on June 13, has led to intermittent outages and errors for guests attempting to use WestJet’s digital platforms, including the WestJet app and website.…