Open WhisperSystems today released Signal, a free app that brings encrypted calling to the iPhone.
Browsing Category: Mobile Security
There is a critical vulnerability in millions of Android devices that allows a malicious app to impersonate a trusted application in a transparent way.
When the topic of mobile security comes up, users and researchers often discuss Android as if it’s one monolithic operating system like iOS is. But the fact is that there are nearly as many versions of Android as there are Android devices, which has led to plenty of confusion when it’s time to fix a security[...]
Researchers at Kaspersky Lab report on the infrastructure supporting the Koler ransomware, which not only has components targeting Android devices, but also redirects desktop browsers to other ransomware and exploit kits.
There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users’ personal data.
The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HOPE X conference over the weekend, is[...]
The latest update to Chrome on Android fixes two bugs, including a critical flaw in the browser that could have let an attacker trick a user into visiting a malicious site.
Google has failed to implement certificate pinning in its official iOS Gmail application, which could enable Man-in-the-Middle attacks exposing encrypted user communications.
A pair of Android vulnerabilities in ever version prior to KitKat could give an attacker the ability to make and end phone calls and send USSD codes using a malicious application.
Oftentimes, looking at a given security vulnerability or mistake by a vendor, it’s easy to wonder how on earth the bug got through in the first place or the company didn’t catch the problem earlier. That definitely could have been the case with the recently disclosed bypass of PayPal’s two-factor authentication mechanism, but, as is[...]