Security News

Google: Protections Added by Samsung to Android Kernel Increase Attack Surface
2020-02-13 16:20

A Google Project Zero researcher claims that some of the security features added by Samsung to the Android kernel don't provide meaningful protection and they actually increase the attack surface. Project Zero researcher Jann Horn has analyzed the Android kernel shipped by Samsung with its Galaxy A50 phones and found that some security features added by the tech giant actually make security worse.

Google: Efforts Against Bad Android Apps on Play Store Are Working
2020-02-13 11:44

Some of the efforts Google has made over the past few years to bolster the security of Android app users as well as the mobile apps available on its Google Play store are starting to work, according to the tech giant. "Over the last few years we've made the trust and safety of Google Play a top priority, and have continued our investments and improvements in our abuse detection systems, policies, and teams to fight against bad apps and malicious actors," Andrew Ahn, Product Manager, Google Play and Android App Safety, wrote in a blog post this week.

Google Play Protect Scans 100 Billion Android Apps Daily
2020-02-13 02:50

Google Play Protect now scans over 100 billion applications on Android devices daily, according to new figures disclosed by Google this week. Google Play Protect is the protection mechanism built into the Android operating system to help protect devices and data from malware and other threats.

Critical Android Bluetooth Bug Enables RCE, No User Interaction Needed
2020-02-07 20:35

A critical vulnerability in the Bluetooth implementation on Android devices could allow attackers to launch remote code execution attacks - without any user interaction. Researchers on Thursday revealed further details behind the critical Android flaw, which was patched earlier this week as part of Google's February Android Security Bulletin.

Phishing Campaign Targets 250 Android Apps with Anubis Malware
2020-02-07 14:49

A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device's data for ransom. Researchers at Cofense, who discovered the campaign, said the malware targets more than 250 Android apps with tailored login overlay screens used to capture credentials inputted into the apps.

Critical Bluetooth Vulnerability Exposes Android Devices to Attacks
2020-02-07 13:06

One of the security flaws that Google addressed with the February 2020 set of Android patches is a critical vulnerability in Bluetooth that could lead to code execution. While no user interaction is required for the attack to be successful, the adversary needs to know the target device's Bluetooth MAC address and Bluetooth has to be enabled.

Android owners – you'll want to get these latest security patches, especially for this nasty Bluetooth hijack flaw
2020-02-07 06:04

Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth. Designated CVE-2020-0022, the flaw was discovered and reported by researchers with German company ERNW who say a fix has been in the works since November.

Android pulls 24 ‘dangerous’ malware-filled apps from Play Store
2020-02-06 11:35

Researchers from VPN Pro recently discovered the bad apps when looking into the dangerous permissions that popular free antivirus apps request. As the researchers kept digging into the excessive, unnecessary, dangerous permissions these apps ask for, the name Hi Security popped up again.

Critical Android flaws patched in February bulletin
2020-02-05 11:46

Google has patched some serious bugs in Android, including a couple of critical flaws that could let hackers run their own code on the mobile operating system. What Google does tell us in its February 2020 advisory is that it lies in the system component of Android, which contains the system apps that ship with the OS. It's a remote code execution bug in the context of a privileged process, giving the attacker a high level of access to the operating system, and it applies to versions 8.0, 8.1, and 9 of the Android Open-Source Project, on which the various phone implementations of Android are based.

Android's February 2020 Update Patches Critical System Vulnerabilities
2020-02-05 04:58

Google this week released the February 2020 set of security updates for the Android operating system, which address a total of 25 vulnerabilities, including 2 rated critical severity. Tracked as CVE-2020-0022, the first of these bugs is a remote code execution vulnerability that is considered critical only on Android 8.0, 8.1, and 9 devices.