Security News

Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as...

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The...

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with...

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. A report from Fox-IT, part of the NCC Group, warns that a new, more evasive version of Vultur spreads to victims through a hybrid attack that relies on smishing and phone calls that trick the targets into installing a version of the malware that masquerades as the McAfee Security app.

Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of an app and facilitating interactions with the Dalvik VM, other apps' IPC endpoints, and the operating system.

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. HUMAN discovered the first PROXYLIB carrier app in May 2023, a free Android VPN app named "Oko VPN." The researchers later found the same library used by the LumiApps Android app monetization service.

With iOS 17.4, Apple introduced a new choice screen that asks EU users to select a default web browser from a list of randomly listed browsers, including Opera. Google also rolled out a similar browser choice screen to Android users on March 6th, which will be shown during the initial setup of an Android smartphone or tablet.

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed. PixPirate is a new Android malware first documented by the Cleafy TIR team last month seen targeting Latin American banks.

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The...

RiskInDroid is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. "A user should be able to quickly assess an application's level of risk by simply glancing at RiskInDroid's output, and they should be able to compare the app's risk with others easily," Gabriel Claudiu Georgiu, developer of RiskInDroid, told Help Net Security.