May 02, 2024NewsroomVulnerability / Android Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app's home directory. "The implications of this vulnerability pattern include arbitrary code execution and token … [Read more...] about Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Android
‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan
Apr 10, 2024NewsroomMobile Security / Spyware An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor … [Read more...] about ‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices. "Their various malware … [Read more...] about Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Elastic APM for iOS and Android Native apps
We can see there are a couple of lifecycle events that tell us that the app was restarted during the session. This is an important hint because it means that the Android OS killed our app at some point, which is common when an app stays in the background for a while. With this information, we could try to reproduce the issue by forcing the OS to kill our app in the background … [Read more...] about Elastic APM for iOS and Android Native apps
MoqHao Android Malware Evolves with Auto-Execution Capability
Feb 09, 2024NewsroomMobile Security / Cyber Threat Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution," McAfee Labs said in a … [Read more...] about MoqHao Android Malware Evolves with Auto-Execution Capability
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
Feb 05, 2024NewsroomCyber Espionage / Cyber Extortion The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play … [Read more...] about Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Dec 13, 2023NewsroomMobile Communication / Firmware security Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of … [Read more...] about Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
How to hack Android, macOS, iOS, and Linux through a Bluetooth vulnerability
A severe vulnerability has been found in the implementations of the Bluetooth protocol across several popular operating systems: Android, macOS, iOS, iPadOS, and Linux. This bug potentially allows remote hacking of vulnerable devices without any particular actions required on the part the user. Let’s dive into the details. The Bluetooth vulnerability allows you to connect a … [Read more...] about How to hack Android, macOS, iOS, and Linux through a Bluetooth vulnerability
New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
Dec 07, 2023The Hacker NewsMobile Security / Vulnerability A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as … [Read more...] about New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices
Restricted Settings in Android 13 and 14
With each new version of the Android operating system, new features are added to protect users from malware. For example, Android 13 introduced Restricted Settings. In this post, we’ll discuss what this feature involves, what it’s designed to protect against, and how effectively it does its job (spoiler: not very well). What are Restricted Settings? How do Restricted Settings … [Read more...] about Restricted Settings in Android 13 and 14