Security News

The Mobile Security Framework is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile. MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and privacy evaluation.

Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks. The GRX is a component of mobile telecommunications that facilitates data roaming services across different geographical areas and networks.

Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T are complaining Thursday morning about the lack of wireless service or interruptions to service. "The San Francisco Fire Department published a"cell phone service outage" announcement saying that "AT&T wireless customers can't make or receive any phone calls, although the 911 center is operational.

Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T are complaining Thursday morning about the lack of wireless service or interruptions to service. According to data from problem tracking site Downdetector more than 73,000 AT&T customers from multiple states - including North Carolina, Louisiana, Texas, and Florida, reported a lack of service.

Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts - thought to be a world first. iOS target Android and iOS respectively, tricking users into performing biometric verification checks that are ultimately used to bypass the same checks employed by legitimate banking apps in Vietnam and Thailand - the geographic focus of these ongoing attacks.

A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called...

Mobile devices are commonly used to conduct company business, which can render them more susceptible to risk than desktop or even laptop computers. The same social engineering, phishing and application/operating system vulnerabilities which plague desktops and laptops are just as applicable to mobile devices.

Asia In Brief Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the trove of data for just $3,000. CloudSEK named CYBO CREW affiliates CyboDevil and UNIT8200 as the vendors of a 1.8TB trove, which contains mobile subscribers' names, phone numbers, addresses, and Aadhaar details.

Computer science researchers have developed a new way to identify security weaknesses that leave people vulnerable to account takeover attacks, where an attacker gains unauthorized access to online accounts. Dr Luca Arnaboldi from Birmingham's School of Computer Science worked with Professor David Aspinall from the University of Edinburgh, Dr Christina Kolb from the University of Twente, and Dr Sasa Radomirovic from the University of Surrey to define a way of cataloging security vulnerabilities and modeling account takeover attacks, by reducing them their constituent building blocks.

A major T-Mobile outage is preventing customers from logging into their accounts and using the company's mobile app. T-Mobile users trying to access their accounts receive an error warning that the mobile carrier's website has been "Unplugged."