August 18, 2024 at 02:03PM Google is testing a new feature for Chrome on Android that redacts sensitive form fields, like credit card details and passwords, during screen sharing and recording. The feature is under testing and may be available in Chrome Canary in the coming weeks. It aims to address the issue of leaking … Read more
August 10, 2024 at 03:21PM Numerous security flaws in Google’s Quick Share for Android and Windows have been discovered, allowing for an RCE attack chain and posing serious risks such as unauthorized file writing and Wi-Fi connection manipulation. These vulnerabilities have been fixed in Quick Share version 1.0.1724.0, and Google is tracking them under two … Read more
July 23, 2024 at 08:15AM ESET has warned of a zero-day exploit affecting Telegram for Android, allowing threat actors to distribute malicious files disguised as videos. The vulnerability, dubbed EvilVideo, auto-downloads payloads containing APK files presented as multimedia previews. Users are advised to update their app to version 10.14.5 to address this issue. Based on … Read more
May 14, 2024 at 09:45AM Google and Apple are introducing an anti-stalking feature for Android 6.0+ and iOS 17.5 to alert users if someone uses a Bluetooth tag to track them. It aims to address alleged misuse of tracking devices for stalking. Apple’s Find My network has a similar alert feature for AirTags, and the … Read more
April 30, 2024 at 02:35PM Google has increased rewards for reporting remote code execution vulnerabilities in select Android apps, now offering up to $450,000. The company aims to focus on flaws leading to data theft, paying $75,000 for such exploits. The changes to the Mobile Vulnerability Rewards Program also include bonuses for exceptional quality reports … Read more
February 2, 2024 at 10:44AM The Indian APT group Patchwork used six Android espionage applications on Google Play, masquerading as messaging and news services, to distribute the VajraSpy remote access Trojan. ESET researchers found the RAT intercepts calls, messages, extracts WhatsApp and Signal messages, records calls, and takes pictures. The campaign primarily targeted Pakistani users … Read more
January 10, 2024 at 07:09AM In January 2024, Google released Android security updates, addressing a total of 58 vulnerabilities across the platform and Pixel devices. It included high-severity issues in Framework and System components. The update also addressed vulnerabilities in third-party components. Additionally, Pixel devices received fixes for three medium-severity vulnerabilities. Users are advised to … Read more
November 14, 2023 at 07:10PM The U.S. Department of Justice has announced the takedown of a botnet proxy service called IPStorm. The service allowed cybercriminals to run malicious traffic anonymously through various devices worldwide. A Russian-Moldovan national named Sergei Makinin pleaded guilty to computer fraud charges in connection to the case. Makinin profited from selling … Read more
November 3, 2023 at 12:54PM Google Play is now tagging VPN apps with an ‘independent security reviews’ badge if they have undergone an independent security audit. The audit follows the Mobile App Security Assessment (MASA) standard, which sets requirements for data storage, cryptography, authentication, and more. The badge aims to enhance transparency and trust. NordVPN, … Read more
October 9, 2023 at 03:49PM The recent surge in Predator spyware is attributed to Intellexa, an alliance of intelligence systems providers. The analysis by Amnesty International reveals that Intellexa operates an industrial-scale operation that trades surveillance tools across the globe. The report highlights numerous technologies Intellexa uses to intercept and subvert mobile networks, including network … Read more