Security News

Some of the efforts Google has made over the past few years to bolster the security of Android app users as well as the mobile apps available on its Google Play store are starting to work, according to the tech giant. "Over the last few years we've made the trust and safety of Google Play a top priority, and have continued our investments and improvements in our abuse detection systems, policies, and teams to fight against bad apps and malicious actors," Andrew Ahn, Product Manager, Google Play and Android App Safety, wrote in a blog post this week.

Google Play Protect now scans over 100 billion applications on Android devices daily, according to new figures disclosed by Google this week. Google Play Protect is the protection mechanism built into the Android operating system to help protect devices and data from malware and other threats.

A critical vulnerability in the Bluetooth implementation on Android devices could allow attackers to launch remote code execution attacks - without any user interaction. Researchers on Thursday revealed further details behind the critical Android flaw, which was patched earlier this week as part of Google's February Android Security Bulletin.

A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device's data for ransom. Researchers at Cofense, who discovered the campaign, said the malware targets more than 250 Android apps with tailored login overlay screens used to capture credentials inputted into the apps.

One of the security flaws that Google addressed with the February 2020 set of Android patches is a critical vulnerability in Bluetooth that could lead to code execution. While no user interaction is required for the attack to be successful, the adversary needs to know the target device's Bluetooth MAC address and Bluetooth has to be enabled.

Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth. Designated CVE-2020-0022, the flaw was discovered and reported by researchers with German company ERNW who say a fix has been in the works since November.

Researchers from VPN Pro recently discovered the bad apps when looking into the dangerous permissions that popular free antivirus apps request. As the researchers kept digging into the excessive, unnecessary, dangerous permissions these apps ask for, the name Hi Security popped up again.

Google has patched some serious bugs in Android, including a couple of critical flaws that could let hackers run their own code on the mobile operating system. What Google does tell us in its February 2020 advisory is that it lies in the system component of Android, which contains the system apps that ship with the OS. It's a remote code execution bug in the context of a privileged process, giving the attacker a high level of access to the operating system, and it applies to versions 8.0, 8.1, and 9 of the Android Open-Source Project, on which the various phone implementations of Android are based.

Google this week released the February 2020 set of security updates for the Android operating system, which address a total of 25 vulnerabilities, including 2 rated critical severity. Tracked as CVE-2020-0022, the first of these bugs is a remote code execution vulnerability that is considered critical only on Android 8.0, 8.1, and 9 devices.

Google has released a security update for a critical flaw in its Android operating system that allows hackers to execute remote code on affected handsets, potentially allowing an adversary to gain remote access to the device. Part of Google's February Android Security Bulletin, released Monday, also warns of a second critical flaw that could allow a remote hacker to gain access to an Android handset and obtain sensitive data.