Tag: mobile
-
Kali Linux 2025.3 Launches With Fresh Features and 10 New Pentesting Tools
Kali Linux 2025.3 has arrived, bringing a wave of improvements, updated firmware support, and a suite of ten new security tools. This release builds on the June 2025.2 update by refining core workflows, extending wireless capabilities, and preparing the distribution for emerging architectures. Whether you rely on virtual machines, Raspberry Pi devices, or mobile pentesting…
-
SonicWall Issues Emergency Patch to Remove ‘OVERSTEP’ Rootkit Malware on SMA Devices
SonicWall has released an urgent software update for its Secure Mobile Access (SMA) 100 Series appliances to remove a dangerous rootkit known as ‘OVERSTEP.’ This backdoor malware was discovered in older SMA firmware versions and can give attackers persistent access to affected devices. The new build, version 10.2.2.2-92sv, adds additional file checking to detect and…
-
SonicWall Issues Emergency Patch to Remove ‘OVERSTEP’ Rootkit Malware on SMA Devices
SonicWall has released an urgent software update for its Secure Mobile Access (SMA) 100 Series appliances to remove a dangerous rootkit known as ‘OVERSTEP.’ This backdoor malware was discovered in older SMA firmware versions and can give attackers persistent access to affected devices. The new build, version 10.2.2.2-92sv, adds additional file checking to detect and…
-
SonicWall adds rootkit removal capabilities to the SMA 100 series
SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/sonicwall-adds-rootkit-removal-capabilities-to-the-sma-100-series/
-
DEF CON 33: Mobile Hacking Community
Creators, Authors and Presenters: d3dbot, Mobile Hacking Community Our sincere appreciation to DEF CON, and the Creators/Presenters/Authors for publishing their timely DEF CON 33 outstanding content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/def-con-33-mobile-hacking-community/
-
CISA warns of malware deployed through Ivanti EPMM flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) disclosed two malware strains found in a network compromised via Ivanti EPMM flaws. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published technical details of two malware families that were discovered in the network of an unnamed organization following the compromise of Ivanti Endpoint Manager Mobile (EPMM).…
-
CISA exposes malware kits deployed in Ivanti EPMM attacks
Tags: attack, cisa, cybersecurity, endpoint, exploit, infrastructure, ivanti, malware, mobile, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-exposes-malware-kits-deployed-in-ivanti-epmm-attacks/
-
CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware
Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities”, CVE-2025-4427 and CVE-2025-4428″, to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-install.jar, ReflectUtil.class, SecurityHandlerWanListener.class) and Loader 2 (web-install.jar, WebAndroidAppInstaller.class), both designed to inject arbitrary code and maintain persistence on Apache…
-
CISA Warns of New Malware Campaign Exploiting Ivanti EPMM Vulnerabilities
Tags: attack, cisa, cybersecurity, endpoint, exploit, infrastructure, ivanti, malware, mobile, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) released a Malware Analysis Report (MAR), highlighting a new attack trend targeting Ivanti Endpoint Manager Mobile (EPMM) systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-mar-cve-2025-4427-28/
-
CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM).”Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the compromised…
-
WatchGuard patches ‘critical’ VPN flaw in firewalls that could lead to compromise
Who is affected?: A list of the nearly three dozen firewall models affected by CVE-2025-9242 is available from WatchGuard’s website. The vulnerable versions of the Fireware OS are 2025.1, 12.x, 12.5.x (T15 & T35 models), 12.3.1 (FIPS-certified release), and 11.x (end of life). These are addressed (in the same order) by updating to versions 2025.1.1,…
-
SonicWall says attackers compromised some firewall configuration backup files
Between attackers exploiting 0-day and n-day vulnerabilities in the company’s firewalls and Secure Mobile Access appliances, SonicWall and its customers have had a tough … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/18/sonicwall-attackers-firewall-configuration-backup-files/
-
How to Set Up and Use a Burner Phone
Obtaining and using a true burner phone is hard”, but not impossible. Here are the steps you need to take to protect your mobile communications based on the risks you face. First seen on wired.com Jump to article: www.wired.com/story/how-to-set-up-use-burner-phone/
-
‘SlopAds’ Fraud Campaign Uses Novel Obfuscation Techniques
Steganography, Mobile Marketing Attribution, Code Obfuscation Deployed for Ad Fraud. A cybercrime crew using Android mobile apps to conduct advertising fraud took unusual pains to hide its activity, concealing malicious code in downloadable digital images and holding off from infecting the subset of users who organically found their apps through the Google Play store. First…
-
Sidewinder Hackers Weaponize Nepal Protests to Spread Cross-Platform Malware
Sidewinder, a well-known advanced persistent threat (APT) group, has adapted its tactics to exploit the ongoing protests in Nepal, deploying a coordinated campaign of mobile and Windows malware alongside credential phishing. By masquerading as respected national institutions and figures, the group seeks to harvest sensitive data from users tracking the nation’s political turmoil. The protests,…
-
Chinese Guarantee Syndicates and the Fruit Machine
When I was speaking to a group of Bank Security people in New York City yesterday, I mentioned “machine rooms” — which are rooms full of Apple iPhones that are used to send iMessage phishing spam. Someone in the audience asked “Where would they get that many phones?” The kids like to use the acronym…
-
How Everyday Apps Leak More Data Than You Realize
Most mobile apps silently leak personal data to third parties, even trusted ones. From trackers in Google Play apps to high-profile breaches like Strava and British Airways, app data leakage is a growing privacy risk. Learn why apps leak data and how to protect yourself. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/how-everyday-apps-leak-more-data-than-you-realize/
-
Black Box Testing vs. White Box: The Hidden Risks of Choosing Wrong
With attacks on applications growing rapidly, regular testing of web and mobile platforms has become critical. In fact, statistics show that web applications are involved in 26% of breaches, ranking as the second most exploited attack pattern. There are multiple testing types, like black box testing, white box, gray box, etc., that can help organizations……
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windowsCellebrite Certified Mobile Examiner (CCME)Certified Computer Examiner (CCE)CyberSecurity Forensic Analyst (CSFA)EC-Council Computer Hacking Forensic Investigator (CHFI)EnCase Certified Examiner (EnCE)Exterro AccessData Certified Examiner (ACE)GIAC Advanced Smartphone Forensics Certification (GASF)GIAC Certified Forensics Analyst (GCFA)GIAC Certified Forensic Examiner (GCFE)GIAC Cloud Forensic Responder (GCFR)GIAC Network Forensic Analysis (GNFA)Magnet Certified Forensics Examiner (MCFE) Cellebrite Certified Mobile Examiner (CCME) Out of…
-
Top 10 Best Mobile Application Penetration Testing Services in 2025
Mobile Application Penetration Testing is a critical cybersecurity service in 2025, focusing on a unique and rapidly evolving attack surface. These tests go beyond static code analysis to assess an app’s runtime behavior, server-side interactions, and how it handles sensitive data. The top companies in this field offer a blend of automated platforms for continuous…
-
California legislature passes bill forcing web browsers to let consumers automatically opt out of data sharing
Gov. Gavin Newsom vetoed an earlier version of the bill which would also have applied to mobile operating systems last year. First seen on therecord.media Jump to article: therecord.media/california-legislature-passes-bill-data-sharing-opt-out
-
Imperva API Security: Authentication Risk Report”, Key Findings Fixes
An in-depth analysis of common JSON Web Token (JWT) mistakes, basic auth, long-lived tokens, and quick, high-impact fixes to secure your APIs. Introduction APIs are the backbone of modern digital services”, from mobile apps and e-commerce to banking and IoT. That scale and utility also make them prime targets. In our recent study of authentication-related…
-
Data from Police Body Camera Apps Routed to Chinese Cloud Servers Over TLS Port 9091
The security and integrity of police body camera footage underpin the validity of evidence presented in court proceedings. However, a recent investigation into a budget-friendly body camera system revealed that its companion mobile application”, Viidure”, transmits sensitive device identifiers and user data to cloud servers based in China over a nonstandard TLS port. Such behavior…
-
Data from Police Body Camera Apps Routed to Chinese Cloud Servers Over TLS Port 9091
The security and integrity of police body camera footage underpin the validity of evidence presented in court proceedings. However, a recent investigation into a budget-friendly body camera system revealed that its companion mobile application”, Viidure”, transmits sensitive device identifiers and user data to cloud servers based in China over a nonstandard TLS port. Such behavior…
-
RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities
A new Android malware called RatOn evolved from a basic tool capable of conducting Near Field Communication (NFC) attacks to a sophisticated remote access trojan with Automated Transfer System (ATS) capabilities to conduct device fraud.”RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality making it a uniquely powerful threat,” the Dutch…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Security researchers have uncovered a new Android banking trojan Unlike standalone NFC relay tools…
-
RatOn Hijacks Bank Account to Launch Automated Money Transfers
Dubbed RatOn, that combines traditional overlay attacks with NFC relay tactics to hijack bank accounts and initiate automated money transfers. Developed from scratch by a threat actor group observed since July 2025, RatOn represents a significant evolution in mobile fraud capabilities. Security researchers have uncovered a new Android banking trojan Unlike standalone NFC relay tools…
-
Over 143,000 Malware Files Target Android and iOS Users in Q2 2025
In the second quarter of 2025, users of Android and iOS devices faced relentless cyberthreats, with Kaspersky Security Network reporting nearly 143,000 malicious installation packages detected across its mobile security products. Although the overall number of mobile attacks”, including malware, adware, and potentially unwanted software”, dropped to 10.71 million in Q2, Trojans remained the predominant…
-
Unified Security Visibility
Cybersecurity today is more complex than ever before. Organizations operate in hybrid and multi-cloud environments, manage remote and mobile workforces, and depend on countless third-party applications and integrations. This interconnectedness drives innovation”, but it also creates fragmented security silos that adversaries exploit. Most businesses still rely on multiple point solutions for monitoring endpoints, networks, cloud,…