Security News

A high severity security vulnerability found in Qualcomm's Mobile Station Modem chips could enable attackers to access mobile phone users' text messages, call history, and listen in on their conversations. Qualcomm MSM is a series of 2G, 3G, 4G, and 5G capable system on chips used in roughly 40% of mobile phones by multiple vendors, including Samsung, Google, LG, OnePlus, and Xiaomi.

Twitter is rolling out a new feature for iOS and Android mobile apps that aims to bring "Bigger and better" images to your timeline in the form of tall and uncropped photos. Since March, Twitter has been testing the new feature on mobile apps that allow you to see larger and taller images in your timeline rather than cropped 16:9 images.

uCloudlink has inked a cooperation agreement with Intercel to provide its mobile broadband devices and data services. The alliance will see Intercel distribute uCloudlink's GlocalMe mobile broadband devices and mobile data services in Australia.

In emerging markets such as Brazil, Indonesia, South Africa and Thailand, 16 percent of mobile devices that processed a transaction were found to be infected with malware, according to Upstream. Insights come from Secure-D processing 1 billion mobile transactions and service sign-ups for 35 mobile operators in 23 emerging markets covering nearly 840 million users.

Cellebrite's forensic applications do not include the type of security protections one would expect from a parsing software, which renders them susceptible to attacks, according to privacy-focused messaging service Signal. Cellebrite claims to have thousands of customers in over 140 countries.

The Car Connectivity Consortium announced that its Digital Key Release 3.0 specification - which adds Bluetooth Low Energy and Ultra Wideband wireless connectivity technologies to enable compatible mobile devices with passive keyless access and engine start - is planned for completion by the middle of 2021. "We are creating a world where our mobile devices become true digital keys for our vehicles, bringing a new level of convenience and accessibility for users," said Daniel Knobloch, president, CCC. "Our Digital Key Release 3.0 will allow users to leave their mobile device in their bag or pocket when unlocking or starting their vehicle."

Facebook on Wednesday said it took steps to dismantle malicious activities perpetrated by two state-sponsored hacking groups operating out of Palestine that abused its platform to distribute malware. To disrupt the adversary operations, Facebook said it took down their accounts, blocked domains associated with their activity, and alerted users it suspects were singled out by these groups to help them secure their accounts.

Software developed by data extraction company Cellebrite contains vulnerabilities that allow arbitrary code execution on the device, claims Moxie Marlinspike, the creator of the encrypted messaging app Signal. The researcher found that Cellebrite's software had outdated open-source code that had not been updated in almost a decade, despite security updates being available.

Phone, tablet, and IoT gadget makers will have to state when they'll stop providing security updates for new devices entering the market, the UK's Department for Culture, Media and Sport vowed this morning. Today's pledge would see existing plans for internet-connected tat extended to smartphones and tablets, which is a large step for a scheme originally put together for landfill Internet-of-Things devices such as webcams.

Smith Micro Software announced that it has completed its previously announced acquisition of Avast's Family Safety Mobile business. With this acquisition, Smith Micro obtains Avast's portfolio of mobile family safety services including location features, content filtering and screen time management, cementing Smith Micro as a market leader in delivering mobile family safety software solutions to wireless carriers.