Security News
Researchers discovered new Android spyware that provides similar capabilities to NSO Group's Pegasus controversial software. PhoneSpy disguises itself as a legitimate application and gives attackers complete access to data stored on a mobile device and grants full control over the targeted device, according to a Zimperium zLabs report published Wednesday.
An ongoing spyware campaign dubbed 'PhoneSpy' targets South Korean users via a range of lifestyle apps that nest in the device and silently exfiltrate data. The campaign deploys a powerful Android malware capable of stealing sensitive information from the users and taking over the device's microphone and camera.
A new Android malware known as MasterFred uses fake login overlays to steal the credit card information of Netflix, Instagram, and Twitter users. This new Android banking trojan also targets bank customers with custom fake login overlays in multiple languages.
Jack Wallen makes his case for Android users to switch from Chrome as their default browsers. I'm going to be honest here, I don't use a web browser very often on Android.
Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks. Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation.
Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks. Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation.
Among Google's November Android security updates is a patch for a zero-day weakness that "May be under limited, targeted exploitation," the company said. In this case, it can be exploited for local escalation of privilege and, when paired with a remote code execution bug, an exploit could allow attackers to gain administrative control over a targeted system.
Google has released the Android November 2021 security updates, which address 18 vulnerabilities in the framework and system components, and 18 more flaws in the kernel and vendor components. Not many technical details have been released around this flaw yet, as original equipment manufacturers are currently working on merging the patch with their custom builds, so most Android users are vulnerable.
A new and dangerous form of malware for rooting Android phones has been spotted in 19 apps on Google's Play store, as well as in several in the Amazon Appstore, the Samsung Galaxy Store, and other third-party sites. Dubbed AbstractEmu by bug-hunters at Lookout, who first spotted the code, the malware would give full access to all functions on an Android device and would be almost impossible to remove without doing a full system wipe.
An unidentified threat actor has been linked to a new Android malware strain that features the ability to root smartphones and take complete control over infected smartphones while simultaneously taking steps to evade detection. Lookout Threat Labs said it found a total of 19 Android applications that posed as utility apps and system tools like password managers, money managers, app launchers, and data saving apps, seven of which contained the rooting functionality.