Three new families of "auto-rooting adware," detailed by security researchers at Lookout, are "a worrying development in the Android ecosystem" because each can root the device and install itself as a system application, making the contamination virtually impossible to remove as the infection is designed to survive even a "factory data reset" device wipe.
Researchers have uncovered a new type of Android adware that's virtually impossible to uninstall, exposes phones to potentially dangerous root exploits, and masquerades as one of thousands of different apps from providers such as Twitter, Facebook, and even Okta, a two-factor authentication service.
Security researchers from Trend Micro have discovered that a software development kit used by thousands of applications is leaving Android users at risk.
The Moplus SDK was created by Chinese firm Baidu and is susceptible to backdoor functionalities. It is believed that approximately 100 million Android devices users are affected.
The Stagefright vulnerabilities are the gifts that keep on giving.
Months after the potentially devastating security flaws in the mobile OS were publicly disclosed, Google continues to send out patches addressing vulnerabilities related to the initial reports.
Soon after Dutch newspaper Volkskrant reported [in Dutch] about the Android vulnerability on the 27th of June, some members of the (security) community raised concerns about our attack.
It would be "nothing new" and "overrated". Some people [in Dutch] suggested that having a strong password already helps a lot, while others doubt the possibility of uploading malicious code on the Google Play Store and/or maintain that your phone will display plenty of warnings if you were to try this attack. They all miss the point.
f you've got an Android 5.0 smartphone with anything but the very latest version of Lollipop on it, it's best to use a PIN or pattern to secure your lock-screen – because there's a trivial bypass for its password protection.
The vulnerability, published here by University of Texas researchers, allows miscreants to sidestep lock-screens on Android 5 devices, unless they've been fully patched to version 5.1.1 including last week's security updates.
Although Google has been dropping some very heavy hints lately, we didn’t know exactly what sweet treat the next version of its Android operating system would be named after.
Well, if you were hoping to place a bet on "M&Ms" (or go for a truly outside flutter on "Maltodextrin"), you’re too late I’m afraid, and also lucky as you’d have lost your stake. M, Google says, is for Marshmallow.
Google Inc and Samsung Electronics Co will release monthly security fixes for Android phones, a growing target for hackers, after the disclosure of a bug designed to attack the world's most popular mobile operating system.
The change came after security researcher Joshua Drake unveiled what he called Stagefright, hacking software that allows attackers to send a special multimedia message to an Android phone and access sensitive content even if the message is unopened.
We reported on a newly discovered Android security vulnerability yesterday, hackers can gain access by simply sending a MMS message to the target’s device and it doesn’t even matter if that message is opened or not, Android’s default media handling system would automatically process the message and activate the code. Naturally this has raised security concerns and Google has now come out with a statement on the matter, it promises a fix for this flaw by next week.
We reported on a newly discovered Android security vulnerability yesterday, hackers can gain access by simply sending a MMS message to the target’s device and it doesn’t even matter if that message is opened or not, Android’s default media handling system would automatically process the message and activate the code. Naturally this has raised security concerns and Google has now come out with a statement on the matter, it promises a fix for this flaw by next week.
