Backdoor Found in Firmware of Some Android Devices
Attackers could exploit over-the-air updates in three million Android devices to remotely execute commands with root privileges via a man-in-the-middle (MiTM) attack.
Mobile security
OAuth 2.0 Hack Exposes 1 Billion Mobile Apps to Account Hijacking
Mobile app developers need to be aware of improper OAuth 2.0 implementations that have put one billion mobile apps at risk to takeover.
Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own
Hackers with Keen Team identified vulnerabilities in iOS 10.1 and Android Nougat at Mobile Pwn2Own this week.
A study finds risky apps leave mobile devices open to SMS denial-of-service attack and remote SIM card rooting.
At Virus Bulletin, researchers explain how Android mobile applications can collude to share data and synchronize payload execution.
At Virus Bulletin, researchers explained the risks associated with abandoned SDK master servers that present attackers with an opportunity to assume control of these communication channels.
The massive Yahoo breach, this week’s Security of Things Forum, Mamba ransomware, and Google Allo are discussed.
Researchers at Lookout said that 80 percent of Android devices remain vulnerable to a critical Linux vulnerability disclosed last week.
Google today in the monthly Android Security Bulletin patched more than three-dozen critical vulnerabilities in Qualcomm components.
Developers with Android’s Security Team peeled back some of the layers on the mobile operating system this week; describing the lengths Google goes to protect the Linux kernel.
Editor's Picks
-
WordPress Flaw Opens Millions of WooCommerce Shops to Takeover
-
Rapidly Growing Router Botnet Takes Advantage of 5-Year-Old Flaw
-
ThreatList: Despite Fraud Awareness, Password Reuse Persists for Half of U.S. Consumers
-
Samsung, Crucial’s Flawed Storage Drive Encryption Leaves Data Exposed
-
U.S. Elections True Test for Facebook’s Disinformation Crackdown