Hackers have exploited decades-old flaws in the SS7 mobile telephony protocol to hijack phone numbers and SMS messages, in order to bypass two-factor authentication (2FA) and steal money from bank accounts.
Mobile applications that open ports on Android smartphones are opening those phones to remote hacking, claims a team of researchers from the University of Michigan.
A new form of Android malware is wreaking havoc on Google Play. The malware, called FalseGuide was found in several Android apps that have been installed by over two million users.
Google has removed a feature of the Android operating system that has been used in the past in ransomware attacks.
A new form of Android malware, named Milkydoor, uses remote port forwarding via Secure Shell (SSH) tunnels to hide malicious traffic and grant attackers access to firewall-protected networks.
An Android app named "System Update" that secretly contained a spyware family named SMSVova, survived on the official Google Play Store for at least three years, since 2014, when it was updated the last time.
The BankBot Android banking trojan is giving Google engineers headaches, as this particular piece of malware has a knack for avoiding Google's security scans and reaching the official Play Store on a regular basis.
Scientists have developed a new type of material that could be used in the future to create self-healing electronics, such as smartphones, batteries, speakers, robotics, and others.
Owners of Android and iOS devices should pay special attention to security updates released by Google and Apple on Monday, as they contain fixes for a series of critical bugs affecting their phone's WiFi component.
Even before its official launch, smartphone experts are criticizing Samsung Galaxy S8 phones after one of their colleagues managed to bypass the facial recognition feature that ships with these phones by flashing a photo of himself in front of the phone.
News of malicious Android apps hosted on the Google Play Store doesn't seem to stop coming these days, as ESET and Zscaler researchers recently disclosed they've reported nearly 100 malicious apps they recently come across.
Android malware is evolving, and a clear trend has become visible in the past six months, with several malware strains implementing their malicious behavior via plugin frameworks.
Malware authors in China are using fake base transceiver stations (BTSs), which is equipment usually installed on cellular telephone towers, to send spoofed SMS messages that contain links to Android malware.
WhatsApp and Telegram have patched their respective web clients against a common security flaw discovered by researchers from Israeli firm Check Point, a security issue that would have allowed an attacker to take over user accounts and spy on conversations or steal user account data.
Following an internal audit, Google engineers say they'd discovered a new massive ad-fraud botnet that was infecting users via Android apps hosted on the official Play Store.
Instagram users are once again the targets of malicious Android apps hosted on the Play Store, apps which steal their credentials on false claims of boosting their account's follower numbers.
Two companies have discovered that someone had covertly installed malware on 38 devices used by their employees. According to security firm Check Point, the installation of the malicious apps took place somewhere along the supply chain, after phones left the manufacturer's factory and before they arrived at the two companies.
The Android Security Bulletin for March 2017 contains a bugfix for a unique security flaw exploitable via the headphones audio connector that could be leveraged to leak data from the device, break ASLR, reset phones to factory settings, or even access the Android HBOOT bootloader.