Security News

Windows 11 Subsystem for Android can now use VPN-assigned IPs
2022-07-06 22:40

Microsoft has released an update for the Windows Subsystem for Android, allowing all Windows 11 Insiders to use their VPN's IP address with Android apps. In May, Microsoft introduced a new 'Advanced Networking' feature to Windows 11 builds on the Dev channel, which made the Windows Subsystem for Android virtual machine and host share the same IP address.

Microsoft Defender adds network protection for Android, iOS devices
2022-07-03 14:09

Microsoft has introduced a new Microsoft Defender for Endpoint feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks.After enabling the new Mobile Network Protection feature on Android and iOS devices you want to monitor, the enterprise endpoint security platform will provide protection and notifications when it detects rogue Wi-Fi-related threats and rogue certificates.

Microsoft Warns About Evolving Capabilities of Toll Fraud Android Malware Apps
2022-07-01 21:01

Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "Complex multi-step attack flow" and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users to premium content without their knowledge or consent.

Amazon Quietly Patches 'High Severity' Vulnerability in Android Photos App
2022-07-01 00:09

"The Amazon access token is used to authenticate the user across multiple Amazon APIs, some of which contain personal data such as full name, email, and address," Checkmarx researchers João Morais and Pedro Umbelino said. "Others, like the Amazon Drive API, allow an attacker full access to the user's files."

Amazon fixes high-severity vulnerability in Android Photos app
2022-06-29 11:00

Amazon Photos is an image and video storage application that enables users to seamlessly share their snaps with up to five family members, offering powerful management and organization features. Exploiting this bug could have enabled a malicious app installed on the same device to snatch Amazon access tokens used for Amazon APIs authentication.

New Android Banking Trojan 'Revive' Targeting Users of Spanish Financial Services
2022-06-28 20:13

A previously unknown Android banking trojan has been discovered in the wild, targeting users of the Spanish financial services company BBVA. Said to be in its early stages of development, the malware - dubbed Revive by Italian cybersecurity firm Cleafy - was first observed on June 15, 2022 and distributed by means of phishing campaigns. "The name Revive has been chosen since one of the functionality of the malware is restarting in case the malware stops working, Cleafy researchers Federico Valentini and Francesco Iubatti said in a Monday write-up."

Android malware ‘Revive’ impersonates BBVA bank’s 2FA app
2022-06-27 18:30

A new Android banking malware named Revive has been discovered that impersonates a 2FA application required to log into BBVA bank accounts in Spain. The new banking trojan follows a more focused approach targeting the BBVA bank instead of attempting to compromise customers of multiple financial institutes.

How to use Bitwarden on Android
2022-06-27 14:29

Bitwarden is so well designed and developed that anyone can use the app with very little problem. Let's dig into this feature, so you can take full advantage of Bitwarden on Android.

Spyware vendor targets iOS and Android in Italy and Kazakhstan, collaborates with ISP
2022-06-27 13:41

The iOS application does not trigger any alert since it is signed with a certificate from a company named 3-1 Mobile SRL, enrolled in the Apple Developer Enterprise Program. The Android malicious software requires the targeted user to allow the installation of applications from unknown sources.

Google Warns Spyware Being Deployed Against Android, iOS Users
2022-06-24 11:02

Google is warning victims in Kazakhstan and Italy that they are being targeted by Hermit, a sophisticated and modular spyware from Italian vendor RCS Labs that not only can steal data but also record and make calls. Researchers from Google Threat Analysis Group revealed details in a blog post Thursday by TAG researchers Benoit Sevens and Clement Lecigne about campaigns that send a unique link to targets to fake apps impersonating legitimate ones to try to get them to download and install the spyware.