Multiple weaknesses exist in AppLock, a popular lock application for Android devices that boasts over 100 million users.
Browsing Category: Mobile Security
Researchers have discovered a new strain of iOS malware dubbed KeyRaider that targets jailbroken devices and has the ability to steal certificates, private keys, and Apple account information. The malware already has claimed the private Apple account data of more than 225,000 victims. The KeyRaider malware was discovered by researchers at Palo Alto Networks, who[…]
Indiana University researchers developed a scanner called MassVet that finds malicious apps hiding in Android markets such as Google Play.
A patched iOS vulnerability can be exploited to allow malicious apps to bypass background restrictions and exploit Apple devices.
A mobile application exploiting the so-called Certifi-gate vulnerability disclosed at Black Hat has been removed from the Google Play store.
Vulnerabilities exist in two fairly popular alternative browsers for Android – Dolphin and Mercury — that depending on the browser could result in either remote code execution or arbitrary read/write access.
Apple patched an issue last week in iOS that could have allowed attackers to bypass the third-party app-sandbox protection mechanism on devices and read arbitrary managed preferences via a special app.
Dennis Fisher and Mike Mimoso talk about the news from Black Hat, car hacking, the Mary Ann Davidson blog post, and the Android security mess.
The OwnStar attack that hacker Samy Kamkar revealed late last month can be used against not only GM vehicles, but cars manufactured by Mercedes-Benz, BMW, and Chrysler, as well. The attack allows Kamkar to intercept the traffic from nearby mobile phones that have specific apps open that control safety and security features on their vehicles.[…]
The Android security team at Google is having a busy month. First the Stagefright vulnerabilities surfaced last month just before Black Hat and now researchers at MWR Labs have released information on an unpatched vulnerability that allows an attacker to bypass the Android sandbox. The vulnerability lies in the way that the Google Admin application[…]