Malware that targets Android phones has been on a steady rise for the last couple of years, and much of it has come in the form of compromised apps or outright malicious apps disguised as games or utilities. But now researchers have come across a new Android threat that is designed specifically to steal users’ online banking credentials and create persistent, silent access to the compromised handset.
Browsing Category: Mobile Security
Those multi-gesture passcode locks on Android phones that give users (and their spouses) fits apparently present quite a challenge for the FBI as well. Frustrated by a swipe passcode on the seized phone of an alleged gang leader, FBI officials have requested a search warrant that would force Google to “provide law enforcement with any and all means of gaining access, including login and password information, password reset, and/or manufacturer default code (“PUK”), in order to obtain the complete contents of the memory of cellular telephone”.
Attackers are using a some new schemes that combine old phishing tactics with some newer techniques in order to steal or disable the SIM cards in victims’ mobile phones and then take them over for use in bank fraud transactions.
Researchers at Symantec have identified a spike in Twitter messages carrying links to malicious programs for Android mobile devices in recent weeks, according to a post on Symantec’s Security Response blog on Monday.
VIEW SLIDESHOW: Weird Science: 10 Forms of Biometric Authentication In the past twenty years, we’ve gone from using amber-tinted dumb terminals connected to refrigerator-sized mainframe computers to sleek tablet computers and smart phones tucked into our pockets. Despite those changes, one technology has stubbornly persisted: passwords. Indeed, the explosion in computing devices and Web-based services has made us more dependent on passwords than ever.
VANCOUVER–The shift to mobile computing platforms in recent years has made life much easier for many users, but it’s also made life a lot more difficult for security researchers. Working on any software or hardware product carries with it a number of potential legal challenges, but mobile and embedded devices have their own special set of pitfalls that are beginning to present problems for researchers.
Cupertino, California-based Apple released fixes for a bevy of security flaws in its iOS mobile operating system, including security flaws affecting the Siri personal assistant, the iOS passcode feature, and more than five dozen flaws in the WebKit Web rendering enging used by both iOS and Android devices.
As the privacy and tracking debate rages in the desktop arena, Mozilla has made a jump to the mobile world by announcing its new Boot to Gecko project, which will include an implementation of the Do Not Track technology on mobile devices. This is the first such implementation and it will give users the ability to tell mobile sites that they don’t want to be tracked persistently while using the Web from their phones.
Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player.
Dennis Fisher talks with Paul Judge of Barracuda Labs about his new project, which uses data on the vendors and products on display at the RSA Conference to determine which topics and technologies are the hottest at the moment.