Security News

If you want to sneak malware onto people's Android devices via the official Google Play store, it may cost you about $20,000 to do so, Kaspersky suggests. Before cybercriminals can share their malicious apps from Google's official store, they'll need a Play developer account, and Kaspersky says those sell for between $60 and $200 each.

American university researchers have developed a novel attack called "Near-Ultrasound Inaudible Trojan" that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs. The main principle that makes NUIT effective and dangerous is that microphones in smart devices can respond to near-ultrasound waves that the human ear cannot, thus performing the attack with minimal risk of exposure while still using conventional speaker technology.

In the image editing tool on Google's Pixel phones. The old data - the tail-end of last week's football game, in our VCR analogy - would remain behind on the stoarge device, but it would no longer be part of the digital file containing the new image.

Meta's former security policy manager, who split her time between the US and Greece, is reportedly suing the Hellenic national intelligence service for hacking her phone. "The Greek authorities and security services have at no time acquired or used the Predator surveillance software. To suggest otherwise is wrong," Giannis Oikonomou, the government spokesman, said.

aCropalypse Now, starring any 2018-or-later device If you've owned a Google Pixel smartphone since the 3 series came out in 2018, bad news: any screenshot that you've cropped or redacted on your...

Google has just revealed a fourfecta of critical zero-day bugs affecting a wide range of Android phones, including some of its own Pixel models. The four bugs we're talking about here are known as baseband vulnerabilities, meaning that they exist in the special mobile phone networking firmware that runs on the phone's so-called baseband chip.

Several vulnerabilities in Samsung's Exynos chipsets may allow attackers to remotely compromise specific Samsung Galaxy, Vivo and Google Pixel mobile phones with no user interaction."With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely," Google Project Zero researchers have noted.

Roid malware 'FakeCalls' is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to fool bankers into giving away their credit card details. "We discovered more than 2500 samples of the FakeCalls malware that used a variety of combinations of mimicked financial organizations and implemented anti-analysis techniques," reads CheckPoint's report.

A convincing Twitter scam is targeting bank customers by abusing the quote-tweet feature, as observed by BleepingComputer. Users tagging Twitter accounts of their banks in their tweets-for example, when raising complaints about an issue, should watch out for responses from non-verified Twitter accounts that may closely be impersonating the bank's support staff and instead be a scam.

Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input.