Even though users are reporting that the app is fake in the reviews on Google Play Store, it is still available for download and getting positive ratings. Malicious Android app found powering account creation service (bleepingcomputer.com) The actions of the app to hijack account creation processes for major services such …
Windows malware that can attack your phone
This attack by the pro-North Korean APT 37 espionage group has been aimed at specific targets. The malware exploits a backdoor in Windows and steals sensitive data from the infected PC and exfiltrates it to a Google Drive. ESET researchers also discovered the malware shows the capability to steal data …
Continue reading “Windows malware that can attack your phone”
Android remote keyboard apps with +2M downloads vulnerable
The apps PC Keyboard, Lazy Mouse, and Telepad have been discovered to have serious vulnerabilities in their code: Critical RCE bugs in Android remote keyboard apps with 2M installs (bleepingcomputer.com) This is the case for both the free and paid for versions and could expose the keypresses to monitoring and …
Continue reading “Android remote keyboard apps with +2M downloads vulnerable”
Can Apple identify us from “anonymous” data?
Apple declares that sharing device usage information with them is anonymous, but researchers are claiming this is not true and Apple can associate actual iCloud users to this shared information. Apple Device Analytics Contain Identifying iCloud User Data, Claim Security Researchers – MacRumors Would Apple do this? They are already …
Continue reading “Can Apple identify us from “anonymous” data?”
Malicious Android smartphone apps
Here are a couple of the current examples of Android malware that could compromise your organisation, reported in the technical press this week. New SandStrike spyware infects Android devices via malicious VPN app (bleepingcomputer.com) Malicious Android apps with 1M+ installs found on Google Play (bleepingcomputer.com) They have different malicious intent …
