HackDig : Dig high-quality web security articles

Zombinder APK binding service used in multiple malware attacks

Zombinder is a third-party service on darknet used to embed malicious payloads in legitimate Android applications. While investigating a new malware campaign targeting Android and Windows systems, researchers at Threat Fabric discovered a darknet service, dubbed Zombinder, used to embed malicious payloads in legitimate Android apps. The campaign involv
Publish At:2022-12-08 18:30 | Read:31103 | Comments:0 | Tags:Breaking News Cyber Crime Deep Web Hacking Malware Mobile An

Google: How Android’s Private Compute Core protects your data

Google has disclosed more technical details about how Private Compute Core (PCC) on Android works and keeps sensitive user data processed locally on protected devices.Introduced in Android 12, PCC is a secure, isolated, and trusted environment within the operating system where data from sensors, GPS, microphone, camera, and screen are stored and processed to
Publish At:2022-12-08 16:12 | Read:18311 | Comments:0 | Tags:Security Google Mobile android

Tor Browser 12.0 brings Apple Silicon support, Android enhancements

The Tor Project team has announced the release of Tor Browser 12.0, a major version release introducing support for Apple Silicon chips and several enhancements for the Android version.Tor is a Firefox-based browser created for accessing special .onion domains only accessible on the Onion network and browsing the web with more anonymity and privacy.The brows
Publish At:2022-12-08 16:12 | Read:23368 | Comments:0 | Tags:Security android

Time to uninstall! Abandoned Android apps pack a vulnerability punch

Synopsis has published an advisory warning of multiple vulnerabilities across three different Android remote mouse and keyboard apps with a combined install count of about two million. The apps are at risk from remote code execution (RCE), and there’s no sign of a fix coming anytime, ever. Bleeping Computer notes that the issues were first discovered a
Publish At:2022-12-08 14:18 | Read:18948 | Comments:0 | Tags:News CVE android apps abandonware vulnerability bug telepad

Android is slowly mastering memory management vulnerabilities

Recently we wrote about why the NSA wants you to shift to memory safe programming languages. The short version is: If you ever read our posts describing security vulnerabilities, you will see a lot of phrases like "buffer overflow", "failure to release memory", "use after free", "memory corruption", and "memory leak". These are all memory management issues.
Publish At:2022-12-08 14:18 | Read:15661 | Comments:0 | Tags:News Memory safe languages Rust statistics android

Ho, ho, no! Scams to avoid this festive season

Whether you’ve been naughty or nice, someone will try and stuff a scam down your chimney either way. The FBI is warning of several likely ways to be parted from your funds or logins, and we’re going to give some additional context along with tips to avoid these digital lumps of coal. Social media shopping scams The FBI says: Consumers should bew
Publish At:2022-12-08 14:18 | Read:11764 | Comments:0 | Tags:News FBI scams xmas christmas festive season social media cr

Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth

In the Android security bulletin of December 5, 2022 you can find an overview of the security vulnerabilities affecting Android devices that are fixed in patch level 2022-12-05 or later. The most severe of these issues is a critical security vulnerability in the System component that could lead to remote code execution over Bluetooth with no additi
Publish At:2022-12-08 14:18 | Read:23078 | Comments:0 | Tags:Android Exploits and vulnerabilities News Vulnerability andr

Android app with over 5m downloads leaked user browsing history

The Android app Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history. Original post at https://cybernews.com/security/android-app-leaked-user-browsing-history/ A browsing app for Android devices, Web Explorer – Fast Internet, left open its Fireba
Publish At:2022-12-08 11:50 | Read:22968 | Comments:0 | Tags:Breaking News Mobile Security Android data leak Hacking hack

New 'Zombinder' platform binds Android malware with legitimate apps

A darknet platform dubbed 'Zombinder' allows threat actors to bind malware to legitimate Android apps, causing victims to infect themselves while still having the full functionality of the original app to evade suspicion.This new platform was discovered by cybersecurity firm ThreatFabric, which spotted malicious Windows and Android campaigns distributing mul
Publish At:2022-12-08 08:16 | Read:18285 | Comments:0 | Tags:Security android

Over 75 Vulnerabilities Patched in Android With December 2022 Security Updates

Google this week announced the December 2022 Android updates with patches for over 75 vulnerabilities, including multiple critical remote code execution (RCE) flaws.The most severe of the RCE bugs is CVE-2022-20411, an issue in Android’s System component that could be exploited over Bluetooth.“The most severe of these issues is a critical security vulnerabil
Publish At:2022-12-07 10:30 | Read:45286 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &

Android December 2022 security updates fix 81 vulnerabilities

Google has released the December 2022 security update for Android, fixing four critical-severity vulnerabilities, including a remote code execution flaw exploitable via Bluetooth.This month’s update addresses 45 vulnerabilities in core Android components with patch level 2022-12-01, and another 36 vulnerabilities impacting third-party components addres
Publish At:2022-12-06 16:11 | Read:72586 | Comments:0 | Tags:Security Google Mobile security android

Android malware apps with 2 million installs spotted on Google Play

A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them.The apps were discovered by Dr. Web antivirus and pretend to be useful utilities and system optimizers but, in reality, are the sources of performance hiccups, ads, and user experience degradatio
Publish At:2022-12-05 08:15 | Read:66789 | Comments:0 | Tags:Security Google Mobile android

Google Migrating Android to Memory-Safe Programming Languages

Google is seeing a significant decrease in memory safety issues in Android due to the progressive migration to memory-safe programming languages, such as Rust.Between 2019 and 2022, the annual number of reported memory safety issues in Android has dropped from 223 to 85, due to an increase in the amount of memory-safe code entering the mobile platform, and t
Publish At:2022-12-02 10:30 | Read:80009 | Comments:0 | Tags:Mobile Security NEWS & INDUSTRY Vulnerabilities Mobile &

Android Keyboard Apps with 2 Million downloads can remotely hack your device

Experts found multiple flaws in three Android Keyboard apps that can be exploited by remote attackers to compromise a mobile phone. Researchers at the Synopsys Cybersecurity Research Center (CyRC) warn of three Android keyboard apps with cumulatively two million installs that are affected by multiple flaws (CVE-2022-45477, CVE-2022-45478, CVE-2022-45479,
Publish At:2022-12-02 07:51 | Read:72877 | Comments:0 | Tags:Breaking News Hacking Mobile Android Keyboard hacking news I

Compromised OEM Android platform certificates used to sign malware

​Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications were utilized by threat actors to sign apps containing malware.OEM Android device manufacturers use platform certificates, or platform keys, to sign devices' core ROM images containing the Android operating system and associated apps.If apps, e
Publish At:2022-12-02 00:08 | Read:58011 | Comments:0 | Tags:Security Google Mobile android

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud