Security News

If you migrated to a different iPhone or Android device and need to transfer Google Authenticator to the new hardware, follow these steps.

A crafty person could have slurped every single cookie from a Firefox-using Android device by tricking a user to look at a specially crafted HTML file. So found infosec researcher Pedro Oliveira, who discovered a vulnerability in the way Firefox handled local files through content:// URIs that allowed him to remotely retrieve copies of all cookies saved on the device - giving him access to a reasonable estimate of the websites viewed by the device's user.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

Microsoft has announced today that Windows 10 customers with devices running the latest Insider build can launch and interact with multiple Android apps directly on their computers' desktops. Support for streaming and using Android apps on Windows 10 from supported Samsung devices was announced by Microsoft in August.

This week Samsung has started rolling out Android's November security updates to mobile devices to patch critical security vulnerabilities in the operating system and enhance overall features on the devices. This comes after Android had published their November 2020 security updates bulletin, which includes patches for critical vulnerabilities impacting the latest devices.

A new banking trojan has been discovered targeting Android users, with the capabilities to spy on 153 mobile apps from various banks, cryptocurrencies and exchanges. Kaspersky telemetry shows that all victims of the Ghimob mobile banking trojan are currently located in Brazil at the moment.

Adobe has released security updates to address vulnerabilities classified as 'Important' in Adobe Reader for Android and Adobe Connect. Adobe advises all customers to update the vulnerable products to the latest versions as soon as possible to block attacks that could attempt to exploit unpatched installations.

Four months after security researchers uncovered a "Tetrade" of four Brazilian banking Trojans targeting financial institutions in Brazil, Latin America, and Europe, new findings show that the criminals behind the operation have expanded their tactics to infect mobile devices with spyware. According to Kaspersky's Global Research and Analysis Team, the Brazil-based threat group Guildma has deployed "Ghimob," an Android banking Trojan targeting financial apps from banks, fintech companies, exchanges, and cryptocurrencies in Brazil, Paraguay, Peru, Portugal, Germany, Angola, and Mozambique.

Let's Encrypt has warned users whose devices are running older versions of Android that they may start getting errors next year when visiting websites secured by its certificates. The organization estimates that roughly one-third of Android devices are still running these older versions, which means their users will start getting certificate errors once the cross-signed certificate expires.

Let's Encrypt, a Certificate Authority that puts the "S" in "HTTPS" for about 220m domains, has issued a warning to users of older Android devices that their web surfing may get choppy next year. Next year, on September 1, 2021, the DST Root X3 certificate that Let's Encrypt initially relied for cross-signing will expire and devices that haven't been updated in the past four years to trust the X1 root certificate may find they're unable to connect to websites securely, not without throwing up error messages, at least.