Integration of Zimperium’s mobile device risk attestation into the PingFederate platform enables real-time Zero Trust authorizations and access to corporate resources Zimperium is excited to announce a partnership with Ping Identity, enhancing Zero Trust architectures by delivering comprehensive mobile risk posture data to enable joint customers to implemen

Two new active and aggressive Android Trojan variants have been discovered in the wild, impacting users taking advantage of two alternatives, non-Google Play app stores (“third-party” app stores). The discoveries are examples of how malware can spread through other sources outside of Google Play, and highlight the importance of sideloading detection, on-dev

Ten variants of the Joker Android Trojan managed to slip into the Huawei AppGallery app store and were downloaded by more than 538,000 users, according to new data from Russian anti-malware vendor Doctor Web.Also known as Bread, the Joker Trojan was first observed in 2017 when it was originally focused on SMS fraud. Last year, the malware was observed perfor

South Korean tech giant LG this week announced that it will continue to provide operating system updates to users of its premium Android smartphones, for up to three years.Currently owning less than two percent of the mobile phone market and constantly losing ground over the past year, LG on Monday revealed plans to exit the smartphone business starting this

NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development.Just 13 years after Google introduced the sandbox in Chrome touting "a new approach in browser security,” the company is now blaming the limitati

The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component.Tracked as CVE-2021-0430 and affecting Android 10 and 11, the code execution vulnerability is deemed critical severity. The bug was patched as part of the

A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface f

Customers Offered Greater Visibility with Oracle Cloud Infrastructure Today, Zimperium –  a leader in enterprise mobile security and a member of Oracle PartnerNetwork (OPN) – announced that we are collaborating with Oracle to offer our mobile threat defense (MTD) solutions on Oracle Cloud Infrastructure (OCI). We are working together with Oracle

Bluetooth is an amazingly useful wireless technology built into almost every smartphone, tablet and laptop. We can use it to transfer files, play audio wirelessly, collect health data from wearable trackers and more. But like WiFi, Bluetooth is being targeted by hackers as a way to break into your devices and steal personal data. Because it is so useful, mos

Apple has shipped an urgent security update to fix a major security flaw affecting iPhone, iPad and Apple Watch devices alongside a warning that the vulnerability is being actively exploited in the wild.The new iOS 14.4.2 was released on Friday with yet another band-aid for Apple’s flagship iOS platform and the company said it was “aware of reports that an e

A design flaw discovered in the architecture of 5G network slicing can allow malicious actors to access potentially sensitive data and launch denial-of-service (DoS) attacks, mobile network security company AdaptiveMobile Security warned this week.5G network slicing enables operators to provide different amounts of resources to different types of traffic — b

A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence.Formerly known as Official Facebook Pixel, the Facebook for WordPress plugin is used on more than 500,000 sites, allowing administrators t

Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world.The hacking group, known to malware hunters as Evil Eye, has used Facebook to plant links to watering hole websites rigged with exploits for the two major mob

Mozilla today announced the release of Firefox 87 in the stable channel fitted with a new intelligent tracker blocking mechanism.Called SmartBlock, the feature works in Firefox Private Browsing and Strict Mode and is meant to improve users’ browsing experience through fixing pages that Mozilla’s tracking protections break.Firefox has had a built-in Content B

Google has warned Android users that a recently patched vulnerability has been exploited in attacks.The vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates released in January 2021.The vulnerability is a high-severity improper input validation issue affecting a display/graphics component from Qualcomm