Security News

Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed
2024-04-05 11:00

On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers' locations. The FCC has also asked carriers to detail any exploits of the protocols since 2018.

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
2024-04-03 16:10

Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as...

Feds finally decide to do something about years-old SS7 spy holes in phone networks
2024-04-02 23:17

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals
2024-04-01 10:10

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The...

Free VPN apps on Google Play turned Android phones into proxies
2024-03-26 16:33

Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. HUMAN discovered the first PROXYLIB carrier app in May 2023, a free Android VPN app named "Oko VPN." The researchers later found the same library used by the LumiApps Android app monetization service.

SIM swappers hijacking phone numbers in eSIM attacks
2024-03-14 18:08

SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a rewritable SIM chip present on many recent smartphone models. Russian cybersecurity firm F.A.C.C.T. reports that SIM swappers in the country and worldwide have been taking advantage of this shift to eSIMs to hijack phone numbers and bypass protections to access bank accounts.

PixPirate Android malware uses new tactic to hide on phones
2024-03-13 18:13

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed. PixPirate is a new Android malware first documented by the Cleafy TIR team last month seen targeting Latin American banks.

UK council yanks IT systems and phone lines offline following cyber ambush
2024-03-12 11:45

A cursory scan of the major ransomware groups' leak blogs shows none of the big names are yet claiming responsibility for the attack on Leicester City Council. "Over the weekend we have continued to work with our cybersecurity and law enforcement partners, as well as learning from other councils who have had attacks, to identify the nature of the incident and the steps we need to take to get our systems back online," said Richard Sword, strategic director of city developments and neighborhoods at Leicester City Council.

Details of a Phone Scam
2024-02-21 12:08

First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. If you think it couldn't happen to you, think again.

Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
2024-02-21 07:17

End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers...