Cybersecurity firm Lookout found several samples of a North Korean spyware it calls KoSpy.
Lookout researchers have discovered a novel Android surveillance tool dubber KoSpy. It is attributed to APT 37 aka ScarCruft
Amnesty International’s Security Lab uncovers sophisticated Cellebrite zero-day exploit, impacting billions of Android devices.
Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On
A bug in the Android and iPhone monitoring operations allows anyone to access private data exfiltrated from a victim's device.
Discover BADBOX, a new botnet pre-infecting Android devices—including TVs—via factory malware. Explore supply chain threats from one SSL certificate.
Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops.
The team at CYFIRMA analyzed a malicious Android sample designed to target high-value assets in Southern Asia. This sample, attributed to an unknown threat actor, was generated using the Spynote Remote Administration Tool. While the specifics of the targeted asset remain confidential, it is likely that such a target would attract the interest of APT groups. However, we are restricted from disclosing further details about the actual target and its specific region. For a comprehensive analysis, please refer to the detailed report
The documents provide never-been-seen insight into the current cat-and-mouse game between forensics companies and phone manufacturers Apple and Google.
EXC: Security researchers at Google and Amnesty International discovered hackers exploiting the bug in an active hacking campaign.
Authored by SangRyol Ryu Recently, McAfee’s Mobile Research Team uncovered a new type of mobile malware that targets mnemonic keys by scanning for images
ESET Research uncovers Android malware that relays NFC data from victims’ payment cards, via victims’ mobile phones, to the device of a perpetrator waiting at an ATM.
Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks.
Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play.
A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files.
Earlier this week, the FBI announced that it had accessed the locked phone of Thomas Matthew Crooks, the man who opened fire at a Trump rally last Saturday. A new report from Bloomberg today reveals more details about this process and the phone used by Crooks.
After Saturday’s Trump rally shooting, the FBI said on Sunday that it had been unsuccessful in unlocking Crooks’ phone. The phone was then sent to the FBI lab in Quanitco, Virginia, and on Tuesday the bureau confirmed that it had successfully unlocked the phone in question.
The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey.
Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources.
However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even system vulnerabilities.
Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts. We have shared our findings with Google’s Android Application Security Research team, as well as the developers of apps found vulnerable to this issue. We anticipate that the vulnerability pattern could be found in other applications. We’re sharing this research more broadly so developers and publishers can check their apps for similar issues, fix as appropriate, and prevent them from being introduced into new apps or releases.
