Google has made a subtle, but important, shift in the requirements for Android handset makers, saying now that OEMs manufacturing phones that will run Lollipop do not have to enable disk encryption by default. This is a major change from the company’s stated position from just a few months ago, but it may not have[…]
Browsing Category: Mobile Security
Signal 2.0 is available from Open WhisperSystems, and brings encrypted messaging to the iPhone.
Despite leaked documents from the NSA showing otherwise, officials at Gemalto on Wednesday said the company has found no evidence that its SIM card infrastructure was compromised several years ago by the NSA and GCHQ. The company identified a handful of what it called sophisticated attacks in the timeframe in questions, but said none of[…]
Gemalto officials say that while they are still in the process of investigating whether the company was compromised by the NSA and GCHQ to access the encryption keys for its SIM cards, they say they believe their products and platforms are secure. In a statement issued Monday, Gemalto officials said they are still trying to[…]
Using a combination of vulnerabilities in the Google Play store and the Android stock browser, attackers can install malicious apps remotely on some Android devices. The attack is the result of a failure on the part of Google’s Play Store Web application to completely enforce the X-Frame-Options header, a common defense against clickjacking and other[…]
There are a number of serious vulnerabilities in the Siemens Ruggedcom WIN switches, including a remotely exploitable buffer overflow and a flaw that could allow an attacker to take actions on the device without authentication. The vulnerabilities affect several models of the Ruggedcom WIN switches, including WIN51xx all versions prior to SS4.4.4624.35, WIN52xx: all versions[…]
A relatively new Android Trojan that specializes in stealing banking information by intercepting SMS messages has been making the rounds.
In the wake of a recent enforcement action against Marriott for blocking guests’ WiFi hotspots in their hotels, the FCC is warning other hotel operators and business owners that such blocking is illegal and the commission’s Enforcement Bureau is taking note. Marriott last year paid a fine of $600,000 to settle an FCC enforcement action[…]
Silent Circle patched a serious memory corruption vulnerability in the Silent Text application bundled with the secure Blackphone as well as in the standalone iOS and Android apps.
Apple has released major security updates for both OS X and iOS that includes patches for a number of bugs that could lead to arbitrary code execution. The release of iOS 8.1.3 fixes a vulnerability that allowed an attacker to bypass the sandbox restrictions in Safari and the OS X update fixes a serious flaw[…]