September 24, 2024 at 08:53AM A new version of the Octo Android malware, known as “Octo2,” is spreading in Europe disguised as NordVPN, Google Chrome, and Europe Enterprise app. Based on the meeting notes, it seems that a new version of the Octo Android malware, called “Octo2,” has been detected spreading across Europe. It is … Read more
September 20, 2024 at 03:39AM Google introduced a Password Manager PIN for Chrome web users to securely sync passkeys across various devices. This PIN enhances security by end-to-end encrypting the passkeys, preventing access by anyone, including Google. Users can create a longer alpha-numeric PIN and are no longer required to scan a QR code. iOS … Read more
September 18, 2024 at 03:03AM The GSM Association aims to implement end-to-end encryption (E2EE) for messages between Android and iOS ecosystems through the RCS Universal Profile. This follows Apple’s support for RCS in its Messages app and Google’s adoption of the Signal protocol for RCS security. Meta also detailed plans for interoperability with third-party messaging … Read more
August 18, 2024 at 02:03PM Google is testing a new feature for Chrome on Android that redacts sensitive form fields, like credit card details and passwords, during screen sharing and recording. The feature is under testing and may be available in Chrome Canary in the coming weeks. It aims to address the issue of leaking … Read more
August 10, 2024 at 03:21PM Numerous security flaws in Google’s Quick Share for Android and Windows have been discovered, allowing for an RCE attack chain and posing serious risks such as unauthorized file writing and Wi-Fi connection manipulation. These vulnerabilities have been fixed in Quick Share version 1.0.1724.0, and Google is tracking them under two … Read more
July 23, 2024 at 08:15AM ESET has warned of a zero-day exploit affecting Telegram for Android, allowing threat actors to distribute malicious files disguised as videos. The vulnerability, dubbed EvilVideo, auto-downloads payloads containing APK files presented as multimedia previews. Users are advised to update their app to version 10.14.5 to address this issue. Based on … Read more
May 14, 2024 at 09:45AM Google and Apple are introducing an anti-stalking feature for Android 6.0+ and iOS 17.5 to alert users if someone uses a Bluetooth tag to track them. It aims to address alleged misuse of tracking devices for stalking. Apple’s Find My network has a similar alert feature for AirTags, and the … Read more
April 30, 2024 at 02:35PM Google has increased rewards for reporting remote code execution vulnerabilities in select Android apps, now offering up to $450,000. The company aims to focus on flaws leading to data theft, paying $75,000 for such exploits. The changes to the Mobile Vulnerability Rewards Program also include bonuses for exceptional quality reports … Read more
February 2, 2024 at 10:44AM The Indian APT group Patchwork used six Android espionage applications on Google Play, masquerading as messaging and news services, to distribute the VajraSpy remote access Trojan. ESET researchers found the RAT intercepts calls, messages, extracts WhatsApp and Signal messages, records calls, and takes pictures. The campaign primarily targeted Pakistani users … Read more
January 10, 2024 at 07:09AM In January 2024, Google released Android security updates, addressing a total of 58 vulnerabilities across the platform and Pixel devices. It included high-severity issues in Framework and System components. The update also addressed vulnerabilities in third-party components. Additionally, Pixel devices received fixes for three medium-severity vulnerabilities. Users are advised to … Read more