About the security content of iOS 18.2 and iPadOS 18.2 – Apple Support

December 11, 2024 at 01:33PM Apple’s iOS 18.2 and iPadOS 18.2 address multiple security vulnerabilities with improved checks and memory handling. Notable risks include potential unauthorized access to private information, memory corruption, and sensitive data leaks. Updates are available for iPhone XS and later, various iPad models, enhancing overall system security. ### Meeting Notes Summary … Read more

About the security content of watchOS 11.2 – Apple Support

December 11, 2024 at 01:33PM Multiple vulnerabilities in watchOS 11.2, identified as CVE-2024-54526, CVE-2024-54527, CVE-2024-54513, and others, have been addressed through improved checks, added restrictions, and better memory handling. These may allow unauthorized access to private information or sensitive user data. Updates are available for Apple Watch Series 6 and later. ### Meeting Takeaways: 1. … Read more

About the security content of visionOS 2.1 – Apple Support

October 28, 2024 at 12:06PM Apple has released updates for visionOS 2.1 on Apple Vision Pro addressing various security vulnerabilities. These include improved handling of symlinks, memory management, and path handling issues that could lead to unauthorized access, information disclosure, or system crashes. The update is available as of October 28, 2024. ### Meeting Takeaways … Read more

Over 200 malicious apps on Google Play downloaded millions of times

October 15, 2024 at 10:32AM In one year, over 200 malicious apps on Google Play were identified, amassing nearly eight million downloads. Key threats included Joker, Adware, and Facestealer. Despite Google’s security measures, malware continues to bypass detection. Users are advised to read reviews and verify app permissions to avoid infection. ### Meeting Takeaways on … Read more

Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection

October 7, 2024 at 05:57AM Google is piloting a new security initiative in India to automatically block unsafe Android apps from being sideloaded, following successful tests in Singapore, Thailand, and Brazil. The program aims to protect users from malicious apps obtained from sources other than the Google Play Store, highlighting Google’s commitment to mobile security. … Read more

‘Pig butchering’ trading apps found on Google Play, App Store

October 3, 2024 at 03:37PM Fake trading apps on Google Play and Apple’s App Store, known as “UniShadowTrade” malware, have been removed after attracting thousands of downloads. These apps perpetrate “pig butchering” scams, enticing victims with fake investment returns. Once funds are deposited, fraudsters prevent withdrawals, eventually absconding with the money. The threat has now … Read more

Fake Trading Apps Target Victims Globally via Apple App Store and Google Play

October 2, 2024 at 01:27PM Group-IB reported on a large-scale fraud campaign involving fake trading apps on Apple App Store and Google Play Store, using phishing sites to deceive victims. Operating globally, the campaign leverages social engineering, targeting victims for investment fraud. The cybercriminals utilized a fake app to deceive victims into making investments, subsequently … Read more

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

August 26, 2024 at 12:54AM Researchers have discovered new Android malware, NGate, aimed at stealing contactless payment data from physical credit and debit cards to conduct fraudulent operations. Targeting banks in Czechia, the attack involves social engineering and SMS phishing to trick users. NGate prompts victims to enter sensitive financial details and instigates an NFC … Read more

New Phishing Technique Bypasses Security on iOS and Android to Steal Bank Credentials

August 21, 2024 at 12:54PM ESET warns of new phishing tactic targeting iOS and Android users with web applications mimicking banking software to steal login credentials. Cybercriminals use Progressive Web Applications and WebAPKs to bypass security measures. The attacks combine voice calls, social media malvertising, and SMS messages to distribute links, mainly targeting mobile banking … Read more

Chameleon Android Banking Trojan Targets Users Through Fake CRM App

August 7, 2024 at 03:30AM Cybersecurity researchers uncovered a new tactic used by threat actors behind the Chameleon Android banking trojan. Masquerading as a Customer Relationship Management (CRM) app, the campaign targeted a Canadian restaurant chain and expanded to Europe. The malicious app deceives users with fake login pages to deploy the Chameleon payload, enabling … Read more