Today, the Freedom of the Press Foundation and the Guardian Project have launched a new Android application named Haven that will transform a phone into a mini-surveillance kit that can be used to record nearby surroundings in case of intrusions.
Many Android users may still have a backdoor on their device, according to new revelations made today by the Malwarebytes' mobile security research team.
A malware strain known as Loapi will damage phones if users don't remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone's components, which will make the battery bulge, deform the phone's cover, or even worse.
The Indian Defence Ministry has advised troops stationed on the Chinese border to uninstall Chinese-made apps from their smartphones.
Google's December 2017 Android Security Bulletin contains a fix for a vulnerability that allows malicious actors to bypass app signatures and inject malicious code into Android apps.
A vulnerability codenamed ParseDroid affects development tools used by Android app developers and allows attackers to steal files and execute malicious code on vulnerable machines.
Google announced plans to crack down on Android applications that fail to warn users when they are collecting personal data. The OS maker is giving app developers 60 days to fix their issues and update apps with notifications of their full practices. In case app developers fail to comply, Google will take it upon itself to warn users
The vast majority of Android mobile apps available on the official Google Play Store that are meant for the management of cryptocurrencies are vulnerable to the most common and well-known vulnerabilities, according to a report published today by Swiss cyber-security firm High-Tech Bridge.
A collaborative effort between the Yale Privacy Lab and Exodus Privacy has shed light on dozens of invasive trackers that are embedded within Android applications and record user activity, sometimes without user consent.
Android smartphones running Lolipop, Marshmallow, and Nougat, are vulnerable to an attack that exploits the MediaProjection service to capture the user's screen and record system audio
A security researcher has found a second factory app that was included on OnePlus devices delivered to customers, and this one can be abused to dump the user's photos and videos, but also GPS, WiFi, Bluetooth, and various other logs.
The Google Play Store is seeing a wave of malware-infested apps like never before. Four separate security companies have reported —or are preparing to release reports— on malware campaigns currently underway via Android apps available on the Play Store.
Some OnePlus devices, if not all, come preinstalled with an application named EngineerMode that can be used to root the device and may be converted into a fully-fledged backdoor by clever attackers.
Google has emailed Android app developers and has informed them of plans to remove all apps that misuse the Accessibility service from the Play Store.
A theoretical attack described by security researchers at the start of September has been integrated into a live malware distribution campaign for the first time.
Security researchers have discovered that tens of developers have left API credentials in hundreds of applications built around the Twilio service.
Google has published this month's Android security bulletin, and the company provided a fix for the KRACK vulnerability that came to light last month.