Security News
Gigabud RAT was first documented by Cyble in January 2023 after it was spotted impersonating bank and government apps to siphon sensitive data. While Android devices have the "Install from Unknown Sources" setting disabled by default as a security measure to prevent the installation of apps from untrusted sources, the operating system allows other apps on installed on the device, such as web browsers, email clients, file managers, and messaging apps, to request the "REQUEST INSTALL PACKAGES" permission.
Google has revealed new cellular security mitigations that will be available for users and enterprises on its soon-to-be-released Android 14, and announced a new release schedule for Chrome Stable channel updates. Even though 2G service has been shut down by most major network carriers, many devices are still able to connect to dwindling 2G cellular networks.
Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. "The Android Security Model assumes that all networks are hostile to keep users safe from network packet injection, tampering, or eavesdropping on user traffic," Roger Piqueras Jover, Yomna Nasser, and Sudhi Herle said.
Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. Roid 14 will allow consumers and enterprises to turn off support for 2G on their devices or a managed device fleet and disable support for null-cipher cellular connectivity at the modem level.
The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google Play Store's review process and...
Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. What makes the malware strain notable is its dual functions as spyware and perform bank fraud.
In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google's review of zero-days exploited in the wild in 2022. The problem is considerable in the Android ecosystem, since Google's Android security team often quickly pushes out patches for zero-days but downstream original equipment manufacturers may take a while to release a fix for users to apply.
Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts, and GPS locations from phones. The Android spyware is suspected to be a variant of "Coverlm," which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger.
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. Once Google learns about it, it becomes an n-day, with the n reflecting the number of days since it became publicly known.
A new Android malware strain called CherryBlos has been observed making use of optical character recognition techniques to gather sensitive data stored in pictures. Besides displaying fake overlays on top of legitimate crypto wallet apps to steal credentials and make fraudulent fund transfers to an attacker-controlled address, CherryBlos utilizes OCR to recognize potential mnemonic phrases from images and photos stored on the device, the results of which are periodically uploaded to a remote server.