Security News

Roid mobile device users are being targeted in a new SMS phishing campaign that's spreading the FakeSpy infostealer. One example of a message used in the latest FakeSpy campaign is an alert from the postal service local to the region of the victim, informing them that the service tried to send a package, but the receiver was not at home, for instance.

Google this week shared details on how it is fighting memory bugs in Android 11, as well as on other security improvements that the upcoming platform version will deliver. One of the main improvements in the new operating system iteration is related to initialization of memory, which is expected to eliminate an entire class of issues that occur in C/C++: uninitialized memory bugs.

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. Researchers say, the surveillance apps in the campaign were likely distributed through a combination of targeted phishing and fake third-party app stores - however, they fortunately haven't been discovered on official app marketplaces, like Google Play.

Before being taken down, the 25 apps were collectively downloaded more than 2.34 million times. The malicious apps were developed by the same threat group and despite offering different features, under the hood, all the apps worked the same.

Microsoft this week announced the public preview availability of the Android version of its Defender Advanced Threat Protection software and the general availability of the Linux variant. Microsoft introduced Defender ATP in Windows 10 in 2016, but has since expanded its reach to other Windows versions, as well as to macOS and Linux, and now mobile devices.

A new strain of ransomware has arisen in Canada, targeting Android users and locking up personal photos and videos. Like other ransomware families, it encrypts targeted files.

Microsoft has added support for Linux and Android to Microsoft Defender ATP, its unified enterprise endpoint security platform. "Adding Linux into the existing selection of natively supported platforms by Microsoft Defender ATP marks an important moment for all our customers. It makes Microsoft Defender Security Center a truly unified surface for monitoring and managing security of the full spectrum of desktop and server platforms that are common across enterprise environments," noted Helen Allas, a principal program manager at Microsoft.

Microsoft has extended its antivirus package for servers - better known the Defender Advanced Threat Protection for servers suite - to Linux as a general availability release. More importantly for admins, it can be controlled through the Microsoft Defender Security Center alongside Windows Server boxen and fleets of PCs. Mind you, this isn't something Microsoft expects to help it break into organizations exclusively using Linux.

A study of banking apps for iOS and Android found poor source code protection, cleartext storage of sensitive data, and other serious flaws that make it easy for attackers to break into accounts. A study of banking apps for iOS and Android has led researchers to conclude that "None of the tested mobile banking applications has an acceptable level of security."

Researchers have discovered a new Android spyware, dubbed ActionSpy, targeting victims across Tibet, Turkey and Taiwan. "ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices," said researchers with Trend Micro in a Thursday analysis.