Security News

Two popular Android apps from Chinese tech giant Baidu were temporarily unavailable on the Google Play Store in October after they were caught collecting sensitive user details. The two apps in question-Baidu Maps and Baidu Search Box-were found to collect device identifiers, such as the International Mobile Subscriber Identity number or MAC address, without users' knowledge, thus making them potentially trackable online.

Scammers are taking advantage of the Minecraft sandbox video game's wild success by developing Google Play apps which appear to be Minecraft modpacks, but instead deliver abusive ads, according to researchers. Since July, Kaspersky researchers have found more than 20 of these apps and determined that they have been downloaded on more than a million Android devices.

Did you know that Google has a VPN for Android? It's called Google One VPN, and it's secure, fast, and incredibly easy to use. The Google VPN hides your IP address to prevent third-parties from tracking you and doesn't use the VPN connection to track or log your activity.

Discovered by cybersecurity firm Palo Alto Networks, two apps from Chinese tech company Baidu were found leaking certain data from the devices. With the aid of machine learning-based spyware detection, researchers at Palo Alto Network's Unit 42 security arm found multiple Android apps on Google Play that were leaking data.

Fraudsters bypassed Google's protections for the official Play Android store and published more than 20 fake modpacks for the popular game Minecraft. Depending on the commands received from the server, the apps could also open Google Play, Facebook, or play YouTube videos, putting more money into the operator's pockets with each display.

Google is rolling out end-to-end encryption in the unloved and unwanted Android Rich Communication Services, as part of a renewed hope people might use messaging services controlled by the Chocolate Factory. The rollout seems to be a last roll of the dice for RCS, which began life as the telco industries' SMS killer - or, more prosaically, their belated response to the growth of over-the-top messaging services such as Blackberry Messenger and WhatsApp.

Facebook has patched a significant flaw in the Android version of Facebook Messenger that could have allowed attackers to spy on users and potentially identify their surroundings without them knowing. Exploiting the bug would only take a few minutes; however, an attacker would already have to have permissions-i.e., be Facebook "Friends" with the user-to call the person on the other end.

Facebook this week addressed a vulnerability in Facebook Messenger for Android that could have allowed an attacker to connect to an audio call without user interaction. To reproduce the issue, both the attacker and the receiver need to be logged into Facebook Messenger on their devices.

A security weakness discovered in the GO SMS Pro Android app can be exploited to publicly expose media sent using the app, according to researchers. The GO SMS Pro application is a popular messenger app with more than 100 million downloads from the Google Play store.

Google said Thursday it will be rolling out end-to-end encryption for Android users, making it harder for anyone - including law enforcement - to read the content of messages. "End-to-end encryption ensures that no one, including Google and third parties, can read the content of your messages as they travel between your phone and the phone of the person you're messaging," said Google product lead Drew Rowny in announcing the rollout.