February 19, 2024 at 06:21AM The Android banking trojan Anatsa has extended its reach to Slovakia, Slovenia, and Czechia in a new campaign observed in November 2023, exploiting accessibility service and bypassing Google Play’s protections. Anatsa targets banking customers with dropper apps on the Play Store, gaining control over devices, stealing credentials, and perpetrating fraudulent … Read more
February 15, 2024 at 09:51AM New Wi-Fi authentication bypass vulnerabilities in open source software discovered by Mathy Vanhoef and Heloise Gollier pose threats to enterprise and home networks. The flaws affect Wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software. Exploitation could lead to traffic interception and unauthorized access to Wi-Fi networks. Vendors have been notified … Read more
February 7, 2024 at 01:59PM Google is fighting financial fraud by blocking the sideloading of Android APK files with risky permissions. Scams cost Android users over $1 trillion in 2023, so Google has launched a pilot program to scan APKs and block installations that request risky permissions. This security feature has already identified many unwanted … Read more
February 6, 2024 at 07:36AM Google announced patches for 46 Android vulnerabilities, including a critical bug (CVE-2024-0031) in the System component, enabling remote code execution. The 2024-02-01 security patch level fixed this flaw and 14 other high-severity defects. A subsequent update on 2024-02-05 addressed 31 high-severity issues in various components. Google also patched seven Pixel … Read more
February 5, 2024 at 06:06PM Google donated $1 million to the Rust Foundation to improve interoperability between Rust and C++. The investment aims to expand Rust’s adoption, given its ability to prevent vulnerabilities. This supports the pressure on software developers to consider Rust and other memory-safe languages. The grant will specifically address the challenge of … Read more
January 31, 2024 at 02:16PM A proof-of-concept (PoC) exploit for CVE-2023-45779, a local privilege elevation flaw affecting seven Android OEMs, has been publicly released on GitHub by Meta’s Red Team X. The flaw, addressed in Android’s December 2023 security update, results from insecure signing of APEX modules. Devices with the 2023-12-05 security patch are protected. … Read more
January 16, 2024 at 11:12AM PAX Technology’s Android-based PoS terminals are vulnerable to multiple exploits allowing attackers to execute arbitrary code or commands, according to a report by STM Cyber. The vulnerabilities, affecting various PAX devices, include the ability to manipulate payment data, inject shell commands, and execute arbitrary code with root privileges. Patches have … Read more
January 14, 2024 at 02:36PM The GrapheneOS team suggests introducing an auto-reboot feature for Android to reduce exploitation of firmware flaws, affecting data theft and spying on Google Pixel and Samsung Galaxy phones. They recommend a shorter reboot interval and emphasize the importance of device encryption and security. Google is reviewing the reported vulnerabilities while … Read more
December 27, 2023 at 04:18AM A new Android backdoor, Xamalicious, has been uncovered by McAfee Mobile Research Team. It leverages accessibility permissions to execute malicious actions, including retrieving a second-stage payload and taking control of devices for fraudulent activities. The threat has been associated with 25 apps and is particularly prevalent in several countries, including … Read more
December 21, 2023 at 12:18PM Cybersecurity researchers identified an updated version of Android banking malware “Chameleon,” which expanded its targeting to include users in the U.K. and Italy. The malware excels in executing Device Takeover using the accessibility service and is now being delivered via Zombinder. The latest findings also revealed its ability to disrupt … Read more