Security News
Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. Researchers say the surveillance apps in the campaign were likely distributed through a combination of targeted phishing and fake third-party app stores; however, they fortunately haven't been discovered on official app marketplaces, like Google Play.
Before being taken down, the 25 apps were collectively downloaded more than 2.34 million times. The malicious apps were developed by the same threat group and, despite offering different features, all worked the same way under the hood.
Microsoft this week announced the public preview availability of the Android version of its Defender Advanced Threat Protection software and the general availability of the Linux variant. Microsoft introduced Defender ATP in Windows 10 in 2016, but has since expanded its reach to other Windows versions, as well as to macOS and Linux, and now mobile devices.
A new strain of ransomware has arisen in Canada, targeting Android users and locking up personal photos and videos. Like other ransomware families, it encrypts targeted files.
Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. "Adding Linux into the existing selection of natively supported platforms by Microsoft Defender ATP marks an important moment for all our customers. It makes Microsoft Defender Security Center a truly unified surface for monitoring and managing security of the full spectrum of desktop and server platforms that are common across enterprise environments," noted Helen Allas, a principal program manager at Microsoft.
Microsoft has extended its antivirus package for servers - better known as the Defender Advanced Threat Protection for servers suite - to Linux as a general availability release. More importantly for admins, it can be controlled through the Microsoft Defender Security Center alongside Windows Server boxen and fleets of PCs. Mind you, this isn't something Microsoft expects to help it break into organizations exclusively using Linux.
A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts. A study of banking apps for iOS and Android has led researchers to conclude that "None of the tested mobile banking applications has an acceptable level of security."
Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. "ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices," said researchers with Trend Micro in a Thursday analysis.
Trend Micro has pulled the Privacy Browser from its Dr Safety Android security suite following the discovery of a reoccurring flaw that could be abused to trick people into thinking malicious pages were legit. Trend responded by pulling the app from its Android security suite.
A security researcher was able to compromise an Android application by invoking each of its exposed Activity components. Activities, one of the three primary components of Android apps, are called using Intents, which are messaging objects that applications use to communicate with their different components.