Security News
A team of researchers today unveiled previously undisclosed capabilities of an Android spyware implant-developed by a sanctioned Iranian threat actor-that could let attackers spy on private chats from popular instant messaging apps, force Wi-Fi connections, and auto-answer calls from specific numbers for purposes of eavesdropping on conversations. In September, the US Department of the Treasury imposed sanctions on APT39 - an Iranian threat actor backed by the country's Ministry of Intelligence and Security - for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors.
A vulnerability in the Google Play Core Library continues to impact many applications several months after official patches were released. The Google Play Core Library allows Android developers to deliver updates to their applications at runtime, via the Google API, without requiring interaction from the user.
A number of high-profile Android apps are still using an unpatched version of Google's widely-used app update library, potentially putting the personal data of hundreds of millions of smartphone users at risk of hacking. Although Google addressed the vulnerability in March, new findings from Check Point Research show that many third-party app developers are yet to integrate the new Play Core library into their apps to mitigate the threat fully.
Infosec bods from Check Point have discovered that popular apps are still running outdated versions of Google's Play Core library for Android - versions that contained a remote file inclusion vulnerability. They found that the Play Core Library, an in-app update and streamlining feature offered to Android devs, could be abused to "Add executable modules to any apps using the library".
First reported in late August by researchers at Oversecured and since analyzed by cyber threat intelligence provider Check Point, a recent flaw affecting several Android apps points to this patch-applying dilemma. After alerting the developers of these apps to the flaw, the Viber and Booking apps have since been patched, according to Check Point.
Roid apps with over 250 million downloads are still susceptible to a severe vulnerability in a Google library that was patched in August 2020. In August, mobile app security company Oversecured discovered a vulnerability in the Google Play Core Library that allowed malicious applications to execute code in legitimate apps.
Roid apps with over 250 million downloads are still susceptible to a severe vulnerability in a Google library that was patched in August 2020. In August, mobile app security company Oversecured discovered a vulnerability in the Google Play Core Library that allowed malicious applications to execute code in legitimate apps.
The GO SMS Pro Android app has published two new versions on Google Play since a major security weakness was disclosed in November - but neither fixes the original issue, leaving 100 million users at risk for privacy violations, researchers said. That's according to Trustwave SpiderLabs, which originally discovered a security issue that can be exploited to publicly expose private voicemails, video missives and photos sent using the popular messenger app.
GO SMS Pro, an Android instant messaging app with more than 100 million installs, is still exposing the privately shared messages of millions of users even though the developer has been working on a fix for the flaw behind the data leak for almost two weeks. Private files sent by users to contacts who don't have GO SMS Pro installed can be accessed from the app's servers via a shortened URL which redirects to a content delivery network server used to store all shared messages.
Microsoft is reportedly creating a subsystem, similar to the Windows Subsystem for Linux, that allows Android applications to run on Windows 10. Microsoft realizes this and has already started offering limited support for launching Android apps in Windows 10 using the Your Phone app and supported Android devices.