People are slowly learning to be careful about providing their credentials when prompted by an email or phone call, but hackers are getting more creative and tricking users into giving their credentials when users think they’re just signing into their mobile app.  For example, BankBot is Android-targeting malware using fake overlay screens to mimic existing

Google’s October 2019 set of security patches for Android address a total of 26 vulnerabilities in the operating system, including a couple of remote code execution bugs impacting Android 10.The most important of these vulnerabilities are three remote code execution flaws in the Media framework (CVE-2019-2184, CVE-2019-2185, and CVE-2019-2186), all three rat

Let’s Reverse the Threat of Identity Theft!! Our online identities are critical. In fact, you could argue that they are our single most unique asset. Whether we are applying for a job, a mortgage or even starting a new relationship, keeping our online identity protected, secure and authentic is essential. This week is Stay Smart Online Week in Australia R

The developers of the popular privacy-focused messaging application Signal have rushed to patch a serious vulnerability in the Android version that can be exploited by an attacker to eavesdrop on users.The flaw, tracked as CVE-2019-17191, was discovered by Google Project Zero researcher Natalie Silvanovich. The issue was reported to Signal developers in late

October is finally among us, and things are spookier than usual. One ghost causing some hocus pocus across the World Wide Web is Ghostcat-3PC, a browser-hijacking malware that has launched at least 18 different malvertising campaigns in the last three months. According to SC Magazine, Ghostcat’s goal is to hijack users’ mobile browsing sessions and is specif

Fully patched Pixel 2 devices, even those running Android 10 preview, are impacted by a vulnerability that has already been abused in attacks, a Google Project Zero security researcher has discovered.The issue, tracked as CVE-2019-2215, is a use-after-free in the binder driver that could result in an exploitable crash, Project Zero researcher Maddie Stone re

Google on Wednesday announced that its Password Checkup tool has been added to the Account password manager, and the company has unveiled some new security and privacy features for YouTube, Maps and Assistant.Launched in February 2019 as an extension for Chrome, Password Checkup is designed to display a warning whenever users log in to a website with credent

Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies. With news of data breaches and hacking crusades filling our news feed on a regular basis, many of us

The CyberSecurity Breakthrough Awards announced today that Zimperium won “Overall Mobile Security Solution of the Year” award. CyberSecurity Breakthrough is a leading independent market intelligence organization that recognizes the top companies, technologies and products in the global information security market today.  Our machine learning-based engine, z

According to a SecurityWeek article, “With over 66% of emails first opened on a mobile device and email arguably the first point of attack for a phishing actor, unprotected emails on a mobile device can easily turn into a new avenue for attack.”  Furthermore, it’s not just corporate email that you have to worry about. Users check their personal emails from

According to our latest State of Enterprise Mobile Report, mobile devices continue to be the target of attack at increasing rates. There is a relatively simple explanation for this – in a typical organization today, 60 percent of the endpoints containing or accessing enterprise data are mobile; the majority of which do not have any security protection

Apple on Friday released security updates for iOS 13 and iPadOS to address a vulnerability that allowed third-party keyboard extensions to gain “full access” without being granted permission.The bug, Apple revealed earlier this week, only impacts devices where third-party keyboards request full access permissions, but does not affect Apple keyboards or third

A new variant of a recently disclosed SIM card attack method could expose millions of mobile phones to remote hacking, researchers have warned.Earlier this month, cyber telecoms security firm AdaptiveMobile Security disclosed the details of Simjacker, an attack method that involves sending specially crafted SMS messages to the targeted mobile phone.The attac

A researcher specializing in iOS security claims to have created a bootrom exploit that can be leveraged to jailbreak hundreds of millions of iOS devices, including all iPhones between iPhone 4S and iPhone X.The hacker, who uses the online moniker axi0mX, has released the exploit for free in hopes that it would benefit security researchers and the iOS jailbr

No one expects securing mobile devices to be a fast check-off on IT and security to-do lists.  But one area that seems manageable on the surface, becomes increasingly complex when you dig into the details – – updating to the current operating system.   The variety of mobile devices – over 25,000 different models in 2019 – combined wi