Tag: phone
-
GPUAF: Two Methods to Root Qualcomm-Based Android Phones
by
in SecurityNewsSecurity researchers have exposed critical vulnerabilities in Qualcomm GPU drivers, impacting a vast array of Android devices from brands like Samsung, Honor, Xiaomi, and Vivo. These exploits, centered around the GPU Address Fault (GPUAF) primitive, target the kgsl_mem_entry and Virtual Buffer Object (VBO) structures. By leveraging race conditions and memory management flaws, attackers can achieve…
-
‘Source of data’: are electric cars vulnerable to cyber spies and hackers?
by
in SecurityNewsBritish defence firms have reportedly warned staff not to connect their phones to Chinese-made EVsMobile phones and desktop computers are longstanding targets for cyber spies but how vulnerable are electric cars?On Monday the i newspaper claimed that British defence firms working for the UK government have warned staff against connecting or pairing their phones with…
-
Misconfiguration leaks Second Phone Number iOS app data
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/misconfiguration-leaks-second-phone-number-ios-app-data
-
NFC-Powered Android Malware Enables Instant Cash-Outs
by
in SecurityNewsResearchers at security vendor Cleafy detailed a malware known as SuperCard X that uses the NFC reader on a victim’s own phone to steal credit card funds instantly. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/nfc-android-malware-instant-cash-outs
-
Despite Recent Security Hardening, Entra ID Synchronization Feature Remains Open for Abuse
by
in SecurityNewsMicrosoft synchronization capabilities for managing identities in hybrid environments are not without their risks. In this blog, Tenable Research explores how potential weaknesses in these synchronization options can be exploited. Synchronizing identity accounts between Microsoft Active Directory (AD) and Entra ID is important for user experience, as it seamlessly synchronizes user identities, credentials and groups…
-
10 key questions security leaders must ask at RSA 2025
by
in SecurityNews
Tags: access, ai, api, application-security, authentication, automation, business, cisa, ciso, cloud, conference, control, corporate, cve, cyber, cybersecurity, data, defense, detection, edr, endpoint, fido, finance, gartner, google, government, healthcare, infrastructure, microsoft, mitigation, mitre, monitoring, mssp, network, nist, passkey, password, phone, programming, resilience, risk, risk-management, service, software, strategy, switch, threat, tool, training, vulnerability, zero-trustIs agentic AI more myth than reality?: Building on 2024’s AI enthusiasm, this year will be all about agentic AI, defined as “a type of AI that enables software systems to act autonomously, making decisions and taking actions based on goals, with minimal human intervention,” according to AI itself (source: Google Gemini). We’ll see lots…
-
New payment-card scam involves a phone call, some malware and a personal tap
A new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds. First seen on therecord.media Jump to article: therecord.media/new-payment-card-scam-involves-malware-tap
-
The UK’s phone theft crisis is a wake-up call for digital security
Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/18/uk-phone-theft-crisis/
-
Breach Roundup: Cyber Insurance Market Set to Double by 2030
by
in SecurityNewsAlso, a ‘Perfect Tool’ for Cyberespionage and EU Stocks Up on Burner Phones. This week, the cyber insurance market could double, Europe to use burner phones in the U.S., a BPFDoor campaign, Alcasec faces Spanish prison, a Thai harassment campaign and charges in Taiwan for a Chinese captain. China stonewalled a Swedish cable cutting investigation.…
-
Android Phones Pre-Downloaded With Malware Target User Crypto Wallets
The threat actors lace pre-downloaded applications with malware to steal cryptocurrency by covertly swapping users’ wallet addresses with their own. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/android-pre-downloaded-malware-crypto-wallets
-
Signalgate chats vanish from CIA chief phone
by
in SecurityNewsExtraordinary rendition of data, or just dropped it out of a helicopter? First seen on theregister.com Jump to article: www.theregister.com/2025/04/16/cia_signalgate_chat/
-
Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps
Cheap Chinese Android phones ship with trojanized WhatsApp and Telegram clones hiding crypto clippers, active since June 2024. Since June 2024, Doctor Web researchers found cheap Android phones preloaded with fake WhatsApp and Telegram apps designed to steal crypto via clipping. These clippers swap copied wallet addresses with the attackers’ own. The campaign targeted low-end…
-
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024.While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to…
-
For security, Android phones will now auto-reboot after three days
by
in SecurityNewsThe update comes months after Apple pushed its own “inactivity reboot” feature. First seen on techcrunch.com Jump to article: techcrunch.com/2025/04/15/for-security-android-phones-will-now-auto-reboot-after-three-days/
-
EU confirms issuing ‘burner phones’ to top officials but denies practice caused by Trump
by
in SecurityNews
Tags: phoneThe European Commission said it does issue “burner phones” to officials, but there has been no specific guidance recommending that they be used while on missions in the U.S. First seen on therecord.media Jump to article: therecord.media/eu-burner-phones-traveling-officials
-
EU gives staff ‘burner phones, laptops’ for US visits
by
in SecurityNewsThat would put America on the same level as China for espionage First seen on theregister.com Jump to article: www.theregister.com/2025/04/15/ec_burner_devices/
-
Chinese police ensnaring Tibetans over phone and internet activity, Human Rights Watch says
by
in SecurityNewsDozens of people in Tibet have been arrested by Chinese authorities in recent years for “simply using a cellphone,” according to the nonprofit Human Rights Watch. First seen on therecord.media Jump to article: therecord.media/tibetans-arrests-internet-phone-use-china
-
Pre-Installed Malware on Cheap Android Phones Steals Crypto via Fake WhatsApp
by
in SecurityNewsCheap Android phones with preinstalled malware use fake apps like WhatsApp to hijack crypto transactions and steal wallet recovery phrases. First seen on hackread.com Jump to article: hackread.com/pre-installed-malware-cheap-android-phones-crypto-fake-whatsapp/
-
How Online Poker Platforms Stay a Step Ahead of Cyber Threats
by
in SecurityNewsOnline poker is exploding more people than ever are playing from their phones and laptops instead of going to casinos. With such change comes a big responsibility for poker sites and apps keeping everything safe. Players expect fast gameplay, smooth payments, and, most importantly, to feel safe. That’s why leading poker platforms are The post…
-
Wyden to block Trump’s CISA nominee until agency releases report on telecoms’ ‘negligent cybersecurity’
by
in SecurityNewsOregon Sen. Ron Wyden (D) will block the nomination of Sean Plankey over what he called CISA’s “multi-year cover up of the phone companies’ negligent cybersecurity.” First seen on therecord.media Jump to article: therecord.media/wyden-blocks-plankey-nomination-cisa
-
Whatsapp plugs bug allowing RCE with spoofed filenames
by
in SecurityNewsWhatsapp makes for a popular attack vector: Whatsapp has been frequently targeted in the past for its popularity as an encrypted chatting platform. With over 10 billion downloads on Google Play Store alone, the platform makes for a lucrative target for threat actors.A similar security oversight was reported in July 2024 to be affecting the…
-
Google addresses 2 actively exploited vulnerabilities in security update
by
in SecurityNewsSerbian security services exploited one of the actively exploited vulnerabilities to break into the phone of a youth activist in Serbia, according to Amnesty International. First seen on cyberscoop.com Jump to article: cyberscoop.com/android-security-update-april-2025/
-
A flaw in Verizon’s iOS Call Filter app exposed call records of millions
by
in SecurityNewsA now-patched flaw in Verizon ‘s iOS Call Filter app exposed call records of millions. No abuse found. Only phone numbers and timestamps were at risk. A now-patched vulnerability in Verizon ‘s iOS Call Filter app could have been exploited to harvest the call records of millions of Americans. Verizon’s Call Filter app allows users…
-
Port of Seattle ‘s August data breach impacted 90,000 people
by
in SecurityNewsPort of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In August 2024, a cyber attack hit the Port of Seattle, which also operates the Seattle-Tacoma International Airport. The attack impacted websites and phone systems. According to The Seattle Times, the cyber…
-
Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials
by
in SecurityNewsA surge in phishing text messages claiming unpaid tolls has been linked to a massive phishing-as-a-service (PhaaS) operation. These scams, which have been hitting users’ phones in waves, are part of a sophisticated campaign leveraging a platform called Lucid. Cybercriminals behind this scheme are exploiting legitimate communication technologies like Apple iMessage and Android RCS to…
-
Counterfeit Phones Carrying Hidden Revamped Triada Malware
by
in SecurityNewsThe malware, first discovered in 2016, has been updated over the years, and the latest version is now hiding in the firmware of counterfeit mobile phones. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/counterfeit-phones-infected-triada-malware