A rogue “Guide for Pokémon GO” app made it into Google Play’s marketplace and gave attackers root access to any Android device it was installed on.
Browsing Category: Mobile Security
Google Project Zero announced a six-month Android bug bounty program that requires researchers to file bugs as they find them, rather than hoard the whole chain.
Today’s release of iOS 10 also included patches for seven vulnerabilities and the news that security updates will now be delivered by HTTPS connections.
Google Project Zero this week disclosed details on a critical vulnerability in Libutils in Android that is similar to the Stagefright flaws.
Four leading network management system providers patched nearly a dozen critical cross-site scripting vulnerabilities disclosed Wednesday by Rapid7.
Google patched another critical vulnerability that affects potentially every Android device that is exploitable just with a specially crafted jpeg file.
Today’s monthly Android Security Bulletin includes patches for the remaining Quadrooter vulnerabilities in Qualcomm chipsets.
Google patched an undocumented vulnerability that allowed attackers to bypass Nexus 5X device’s lock screen via a forced memory dump that exposed the device owner’s password.
Apple has patched the Trident vulnerabilities in OS X and Safari. The flaws were originally disclosed in iOS and used to spy on a UAE human rights activist.
Researcher warn medical devices made by St. Jude Medical are at risk of attacks via SSH certificate reuse vulnerabilities and static credentials that can easily give hackers root access to key monitoring equipment.