There is a major vulnerability in a library in iOS that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. The vulnerability lies in a library in both[…]
Browsing Category: Mobile Security
Exploit code for the Android Stagefright vulnerability was made public, and researcher Joshua Drake hopes organizations will test Android systems and devices against the code.
The Department of Justice has established a new policy that requires federal law enforcement agents–and state and local agencies working with the department–to obtain search warrants in order to use Stingray devices.
Dennis Fisher and Mike Mimoso talk about the potential US sanctions against China over cyberespionage, the browser vendors dumping RC4, the trouble at Mobile Pwn2Own and more security news of the week.
A new strain of Android ransomware disguised as a video player app uses an instant messaging protocol called XMPP to receive commands and communicate with the command and control server.
Multiple weaknesses exist in AppLock, a popular lock application for Android devices that boasts over 100 million users.
Researchers have discovered a new strain of iOS malware dubbed KeyRaider that targets jailbroken devices and has the ability to steal certificates, private keys, and Apple account information. The malware already has claimed the private Apple account data of more than 225,000 victims. The KeyRaider malware was discovered by researchers at Palo Alto Networks, who[…]
Indiana University researchers developed a scanner called MassVet that finds malicious apps hiding in Android markets such as Google Play.
A patched iOS vulnerability can be exploited to allow malicious apps to bypass background restrictions and exploit Apple devices.
A mobile application exploiting the so-called Certifi-gate vulnerability disclosed at Black Hat has been removed from the Google Play store.