June 18, 2024 at 03:51AM The Singapore Police Force (SPF) extradited two men from Malaysia linked to a mobile malware campaign. The suspects targeted Android users and used phishing scams to steal personal data and banking information. The SPF, in collaboration with other law enforcement agencies, apprehended 16 cyber criminals and reported over 4,000 victims. … Read more
June 13, 2024 at 10:25AM The threat actor Arid Viper is behind a mobile espionage campaign using trojanized Android apps to distribute spyware called AridSpy. The campaign targets users in Palestine and Egypt through fake messaging and job opportunity apps. AridSpy is capable of downloading additional payloads and harvesting data from infected devices. From the … Read more
June 13, 2024 at 06:08AM A new report from Cisco Talos details a group called “Cosmic Leopard,” operating as “Operation Celestial Force,” which has been conducting cyber espionage against Indian government and defense entities for at least six years. The group’s tactics include using malware like GravityRAT and HeavyLift to target individuals and organizations. Preventative … Read more
June 13, 2024 at 04:00AM Google has warned of a zero-day security flaw, CVE-2024-32896, in Pixel Firmware, being exploited in targeted attacks. The June 2024 security update addresses a total of 50 vulnerabilities, including denial-of-service issues and information disclosure flaws in Qualcomm chipsets. Updates are available for supported Pixel devices. Previous security flaws have also … Read more
June 11, 2024 at 11:18AM UK authorities have arrested two suspects in Manchester and London for their involvement in a smishing campaign, using a homemade mobile antenna to send phishing SMS messages. The messages were designed to mimic those from official organizations and bypass network protections. The investigation involved collaboration with telecoms operators and authorities … Read more
June 11, 2024 at 03:21AM Arm has warned of a security vulnerability in Mali GPU Kernel Driver, CVE-2024-4610, actively exploited in the wild. The issue affects certain products, allowing improper GPU memory processing operations for unauthorized access. The vulnerability has been addressed in Bifrost and Valhall GPU Kernel Driver r41p0, with reports of exploitation in … Read more
May 28, 2024 at 05:51PM Summary: Over 90 malicious Android apps, including Anatsa banking trojan, were found on Google Play, amassing over 5.5 million installations. Anatsa targets financial institutions, using deceptive decoy apps and multi-stage payload loading to evade detection. Though only 3% of total malicious downloads, Anatsa and Coper pose high-risk on-device fraud. Review … Read more
May 28, 2024 at 11:02AM Over 90 malicious mobile apps, including the Anatsa banking Trojan, have been downloaded over 5.5M times from the Google Play store. These apps act as decoys and spread various malware. The Anatsa Trojan uses evasive tactics to steal sensitive banking credentials, primarily targeting Android users in Europe but expanding globally. … Read more
May 10, 2024 at 07:00AM Malicious Android apps posing as popular services like Google, Instagram, and WhatsApp are stealing user credentials. These apps gain control over devices, allowing for unauthorized actions like data theft and malware deployment. Social engineering campaigns and phishing URLs are also being used to propagate Android malware, leading to increased attacks … Read more
May 6, 2024 at 06:33AM Multiple security vulnerabilities have been reported in various applications and system components within Xiaomi devices running Android. The flaws include access to system privileges, theft of files, and disclosure of sensitive data. Notable issues impact apps like Gallery, Settings, and Mi Video. Xiaomi has been notified, and users are urged … Read more