Security News

Mobile announced that hackers stole part of its customer database thus obtaining personal user information and SIM technical data. This changed on Monday when the company confirmed the massive breach saying that personal data and SIM-related information had been stolen.

T-Mobile USA has reported a data breach - its fourth in three years. The wireless carrier disclosed the breach last week via its website, saying that it detected and shut down "Malicious, unauthorized access to some information" related to T-Mobile accounts.

Driven by the pandemic, many consumers rely on mobile apps to buy everything from daily essentials to holiday gifts. According to a recent analysis, there are some alarming security concerns among some of the top 50 Android retail mobile apps.

T-Mobile has announced a data breach exposing customers' proprietary network information, including phone numbers and call records. After bringing in a cybersecurity firm to perform an investigation, T-Mobile found that threat actors gained access to the telecommunications information generated by customers, known as CPNI. The information exposed in this breach includes phone numbers, call records, and the number of lines on an account.

A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare. This week, Kaspersky malware analyst Tatyana Shishkova discovered an Android ransomware masquerading as a mobile version of the Cyberpunk 2077 game.

A group of cybercriminals used mobile emulators to spoof thousands of mobile devices , which enabled them to steal millions of dollars within days. Targeting financial institutions in Europe and the United States, the mobile banking fraud operation relied on over 20 emulators to spoof more than 16,000 mobile devices and access compromised accounts.

Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. While emulators are not malicious tools, the group behind this campaign used them for malicious purposes emulating compromised devices or setting up what looked like new devices picked up by the compromised accounts' owners.

Microsoft has released a new version of Microsoft Authenticator that now acts as a password manager for Android and iOS. With this new feature, you can now autofill credentials into websites and apps that were saved via Authenticator or Microsoft Edge's built-in password manager to your Microsoft account. Once enabled on Microsoft Authenticator and you log in to an app or website, you will be prompted to autofill your saved password, as shown below.

Google on Wednesday confirmed it is banning location tracking software developed by data collection firm X-Mode Social from apps on Android-powered mobile devices, which dominate the global market. Vice News reported last November that X-Mode was collecting the location data of people using apps intended for Muslim audiences, particularly the dating platform Muslim Mingle.

Smartphones, tablets, collaboration apps and other modern framework tools are critical to maintaining productivity remotely, but they also demand an integrated security strategy purpose-built for mobile devices. At the same time, mobile phishing attacks against consumer and enterprise users spiked across all geographies and industries.