Credit to Author: Tatyana Shishkova| Date: Thu, 22 Sep 2022 10:00:34 +0000
A slew of apps containing the Harly Trojan subscriber have been found on Google Play, adding up to more than 4.8 million downloads. We explain why these apps are dangerous.
Read more
Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 16 Sep 2022 03:00:00 -0700
Geolocation was once a glorious way to know who your company is dealing with (and sometimes what they are doing). Then VPNs started to undermine that. And now, things have gotten so bad that the Apple App Store and Google Play both offer apps that unashamedly declare they can spoof locations — and neither mobile OS vendor does anything to stop it.
Why? It seems both Apple and Google created the holes these developers are using.
In a nutshell, Apple and Google — to test their apps across various geographies — needed to be able to trick the system into thinking that their developers are wherever they wanted to say that they are. What’s good for the mobile goose, as they say.
Categories: News Tags: CVE-2022-37969 Tags: CVE-2022-23960 Tags: CVE-2022-35805 Tags: CVE-2022-34700 Tags: CVE-2022-34718 Tags: CVE-2022-34721 Tags: CVE-2022-34722 Tags: Microsoft Tags: Adobe Tags: Android Tags: Apple Tags: Cisco Tags: Google Tags: Samsung Tags: SAP Tags: VMWare The September 2022 Patch Tuesday updates includes two zero-day vulnerabilities, one of which is known to be used in attacks |
The post Update now! Microsoft patches two zero-days appeared first on Malwarebytes Labs.
Read moreCategories: Android Categories: News A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use. |
The post Adware found on Google Play — PDF Reader serving up full screen ads appeared first on Malwarebytes Labs.
Read moreCredit to Author: Katie McCafferty| Date: Wed, 31 Aug 2022 16:00:00 +0000
Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users’ accounts with a single click.
The post Vulnerability in TikTok Android app could lead to one-click account hijacking appeared first on Microsoft Security Blog.
Read moreCategories: Android Categories: News A PDF reader found on Google Play with over one million downloads is aggressively displaying full screen ads, even when the app is not in use. |
The post Adware found on Google Play — PDF Reader servicing up full screen ads appeared first on Malwarebytes Labs.
Read more
Credit to Author: Enoch Root| Date: Fri, 12 Aug 2022 09:10:24 +0000
In the app descriptions on Google Play, a new Data Safety section was added, but the app permissions list has disappeared.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: MSDT Tags: NFS Tags: PPP Tags: Exchange Tags: CVE-2022-34713 Tags: CVE-2022-35743 Tags: DogWalk Tags: CVE-2022-30134 Tags: CVE-2022-24477 Tags: CVE-2022-24516 Tags: CVE-2022-30133 Tags: CVE-2022-34715 Tags: Adobe Tags: Cisco Tags: Google Tags: Android Tags: SAP Tags: VMWare Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did. |
The post Update now! Microsoft fixes two zero-days in August’s Patch Tuesday appeared first on Malwarebytes Labs.
Read more