SecurityWeek
Android 15 Brings Improved Fraud and Malware Protections
Google is boosting fraud and malware protections in Android 15 with live threat detection and expanded restricted settings.
SC Magazine
Google patches 3rd Chrome browser zero-day inside of a week
Security pros say the uptick in Chrome zero-days this week demonstrates an increased focus by threat actors on attacking browsers.
Bleeping Computer
Android to add new anti-theft and data protection features
Google is introducing multiple anti-theft and data protection features later this year, some available only for Android 15+ devices, while others will roll out to billions of devices running Android 10 and later.
Bleeping Computer
Android 15, Google Play get new anti-malware and anti-fraud features
Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices.
Bleeping Computer
Android 15, Google Play Protect get new anti-malware and anti-fraud features
Today, Google announced new security features coming to Android 15 and Google Play Protect that will help block scams, fraud, and malware apps on users' devices.
The Hacker News
Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps
Android 15 introduces new features to prevent malicious apps from capturing your sensitive data. Find out more about these crucial updates:
The Hacker News
Google Launches AI-Powered Theft and Data Protection Features for Android Devices
Google just unveiled new "private space" feature lets you keep your sensitive apps hidden and locked with a separate PIN.
SecurityWeek
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
SecurityWeek
Unwanted Tracking Alerts Rolling Out to iOS, Android
Apple and Google have rolled out a new mobile feature that warns users of unwanted trackers moving with them.
The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
.webp)
Cyber Security News
WPS Office For Android Vulnerability Puts Over 500 Million+ Users At Risk
WPS Office is a office suite developed by Kingsoft that supports spreadsheets, presentations, documents and others. It has been used
Cyber Security News
Let's AI Search for You! Google Search Now Gets Advanced AI-Powered Capabilities
Google revealed its plans to integrate advanced generative AI capabilities into its flagship Search product. This move promises to transform the way users interact with and leverage information on the internet.
Bleeping Computer
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
HACKRead
Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
A new Android malware poses as popular applications like WhatsApp, Instagram, and Snapchat to steal user data, including login credentials.
Bleeping Computer
Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android
On Monday, Apple and Google jointly announced a new privacy feature that warns Android and iOS users when an unknown Bluetooth tracking device travels with them.
Infosecurity News
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
HACKRead
Kaspersky Reveals Global Rise in APTs, Hacktivism and Targeted Attacks
The Israel-Hamas conflict has fueled a wave of hacktivism activity, with groups like SiegedSec launching attacks and leaking sensitive information.
SecurityWeek
Google Patches Second Chrome Zero-Day in One Week
Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week.
Cyber Security News
Chrome Zero-day Vulnerability Exploited in the Wild, Patch Now!
Google has released an urgent security update for the Chrome browser to address a high-severity vulnerability that is being actively exploited in the wild.
Latest Hacking News
Google Admits Active Exploitation For Chrome Browser Zero-Day
Chrome users must ensure that their devices are updated with the latest browser release. Google addressed an actively exploited zero-day flaw with the latest build, which applies to all Chrome users with various devices. The
CSO
Equipped with AI tools, hackers make apps riskier than ever
The odds of attacks are growing as attackers can now easily access code modification and reverse engineering tools.
The Hacker News
Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices
pple and Google just rolled out a cross-platform feature called "Detecting Unwanted Location Trackers" (DULT) on iOS and Android to protect users.
Bleeping Computer
Apple backports fix for zero-day exploited in attacks to older iPhones
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks.
Bleeping Computer
Apple backports fix for RTKit iOS zero-day to older iPhones
Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks.
The Cyber Express
TCE Cyberwatch: Weekly Wrap on AI, Deepfakes, Cybersecurity Challenges Affecting Nations Worldwide
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
Security Affairs
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
CSO
Google Chrome gets a patch for actively exploited zero-day vulnerability
Details of the use-after-free memory vulnerability were not publicly released, but Google says it’s aware an exploit for the bug exists.
SecurityWeek
Exploited Chrome Zero-Day Patched by Google
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
Cyber Security News
New 'TunnelVision' Technique Allows Hackers to Bypass VPN Encryption
Security researchers have uncovered a new technique called "TunnelVision" that exposes a fundamental flaw in routing-based Virtual Private Networks (VPNs),
The Hacker News
Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing
Fake Android apps mimicking popular platforms like Google & WhatsApp are stealing user data.
The Hacker News
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
Infosecurity News
Mobile Banking Malware Surges 32%
Afghanistan, Turkmenistan and Tajikistan victims experienced the highest share of banking Trojans
SecurityWeek
Android Update Patches Critical Vulnerability
Android’s May 2024 security update patches 38 vulnerabilities, including a critical bug in the System component.
Bleeping Computer
New attack leaks VPN traffic using rogue DHCP servers
A new attack dubbed "TunnelVision" can route traffic outside a VPN's encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection.
Latest Hacking News
Android Ruins VPN Use Due To Its DNS Leak Flaw
Heads up, Android users! If you’re using a VPN, it’s time to meddle with your device settings to deal with the DNS leak vulnerability that sneakily affects Android devices. This vulnerability keeps leaking the DNS
Latest Hacking News
Brokewell Malware Spreads Via Fake Chrome Updates On Mobile Devices
Android mobile users must stay wary of new malware, “Brokewell,” ready to break their banks. As observed, Brokewell is a potent banking trojan that lures victims into downloading it by faking Chrome browser updates. Brokewell Malware
Cyber Security News
New CraxsRAT Version Claims Capability To Bypass Google Play Antivirus
In a concerning development in the cybersecurity landscape, the latest version of CraxsRAT, known as v7.4, has been released with claims of
CyberNews
Google's Waze calling for calm while driving
Google is reminding Waze users to stay centered and try meditative driving with its Headspace feature.
Ars Technica
Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers.
Cyber Security News
Finland Warns Of New Android Malware Stealing Banking Logins
Watch out for harmful Finnish SMS which tricks Android device users into loading banking malware by dialing a spoofed service number.
CyberNews
New spyware targets Macs pretending to be “Spotify Music Converter”
Arm and Intel-based Macs are being targeted by a new dangerous malware, dubbed Cuckoo.
Cyber Security News
Multiple Xiaomi Android Devices Vulnerability Let Attackers Hijack Phones
Several security experts have recently discovered that Xiaomi Android devices are suffering from a range of security vulnerabilities that affect several apps and system components.
The Cyber Express
Finland Warns of New Android Malware that Siphons Money from your Bank
Finland has warned of an ongoing Android malware campaign that targets banking details of its victims by enticing them to
The Hacker News
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components
Xiaomi devices running Android have been found to contain multiple security vulnerabilities in various apps and system components.
The Hacker News
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs
A new malware called "Cuckoo" is on the loose, targeting both Intel and ARM-based Macs.
Security Affairs
Finland authorities warn of Android malware campaign targeting bank users
Finland's Transport and Communications Agency (Traficom) warned about an ongoing Android malware campaign targeting bank accounts.
Krebs on Security
Why Your VPN May Not Be As Secure As It Claims
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers…
Bleeping Computer
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
Security Affairs
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Cyber Security News
Android Bug Leaks DNS Traffic to Hackers While Switching VPN Servers
Android's operating system has identified a critical vulnerability that allows DNS traffic to leak during VPN server switches, potentially exposing users' internet activity to cybercriminals.
CyberNews
Google trial wraps, judge weighs landmark US antitrust claims
Google and the US Justice Department wrap up closing arguments over claims that parent company Alphabet unlawfully dominated web search and related advertising.
Bleeping Computer
Android bug can leak DNS traffic with VPN kill switch enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option.
Bleeping Computer
Android bug leaks DNS queries even when VPN kill switch is enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option.
Bleeping Computer
Microsoft rolls out passkey auth for personal Microsoft accounts
Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs.
Security Affairs
Dirty stream attack poses billions of Android installs at risk
Microsoft discovered a security flaw dubbed "Dirty Stream" affecting widely used Android applications, billions of installations are at risk.
CyberNews
You’ll soon be able to see less of your ex on Google Photos
Google Photos is testing an upgrade that’ll allow users to control which faces they want to see in their Memories recaps.
.webp)
Cyber Security News
Critical OpenVPN Zero-Day Flaws Affecting Millions of Endpoints Across the Globe
Security researchers have uncovered four zero-day vulnerabilities within OpenVPN, the world's leading VPN solution.
SecurityWeek
Microsoft Warns of 'Dirty Stream' Vulnerability in Popular Android Apps
Microsoft has uncovered a new type of attack called Dirty Stream that impacted Android apps with billions of installations.
CyberNews
Microsoft goes passwordless on all consumer accounts
Microsoft has launched passkeys enabling users to drop passwords to access the company’s accounts.
The Cyber Express
Dirty Stream Flaw Present in Android Apps with Millions of Downloads
Researchers have discovered that several popular Android applications in the Google Play Store with millions, even a billion downloads are
CyberNews
Android apps with 4B installs leave open doors to code execution attacks
If your Android device has Xiaomi’s File Manager or WPS Office, update them immediately.
DarkReading
Billions of Android Devices Open to 'Dirty Stream' Attack
Microsoft has uncovered a common vulnerability pattern in several apps allowing code execution; at least four of the apps have more than 500 million installations each; and one, Xiaomi's File Manager, has at least 1 billion installations.
Bleeping Computer
Bitwarden launches new MFA Authenticator app for iOS, Android
Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices.
Infosecurity News
Android Flaw Affected Apps With 4 Billion Installs
Microsoft illustrated the severity of the issue via a case study involving Xiaomi’s File Manager
Bleeping Computer
Microsoft warns of "Dirty Stream" attack impacting Android apps
Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application's home directory, potentially leading to arbitrary code execution and secrets theft.
Cyber Security News
Path Traversal Vulnerability In Popular Android Apps Let Attackers Overwrite Files
The reason why hackers aim at well-known Android applications is that many people use them, and this means that when they attack it can impact
The Hacker News
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
Popular apps like Xiaomi File Manager and WPS Office are vulnerable to a path traversal flaw that could let hackers overwrite files and execute malici
The Cyber Express
World Password Day: Top 10 Password Managers for Ultimate Digital Safety
In today's digital age, the necessity of strong and unique passwords has never been more critical. With cyber threats looming
Bleeping Computer
Keep your files safe with $130 off Amaryllo Cloud Storage
Off-site backups are important for everyone, from small businesses to freelancers. Get 500GB of cloud storage from Amaryllo for a one-time payment of $119.99, $130 off the $249 MSRP.
Ars Technica
Anthropic releases Claude AI chatbot iOS app
Anthropic finally comes to mobile, launches plan for teams that includes 200K context window.
The Hacker News
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers
Researchers have uncovered a new Android malware called Wpeeper that uses compromised WordPress sites to hide its true command-and-control servers.
SecurityWeek
Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server
Chinese cybersecurity firm QAX XLab uncovered an Android trojan that hides its command-and-control server behind compromised WordPress sites.
Bleeping Computer
Protect your data without losing speed with $233 off SurfShark VPN
A VPN lets you connect anywhere with confidence that snoops and thieves won't be able to tap into your data. This two-year subscription to SurfShark VPN gives you unlimited bandwidth and device connection for $56.99, $233 off the $290 MSRP.
Bleeping Computer
Google now pays up to $450,000 for RCE bugs in some Android apps
Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports.
Bleeping Computer
New Wpeeper Android malware hides behind hacked WordPress sites
A new Android backdoor malware named 'Wpeeper' has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads.
.webp)
Cyber Security News
Beware of New Android Trojan That Executes Malicious Commands on Your Phone
This sophisticated backdoor Trojan to infiltrate Android systems & execute a malicious commands, posing a threat to unsuspecting users.
Infosecurity News
Google Blocks 2.3 Million Apps From Play Store Listing
Google blocked millions of policy-violating apps from being listed on Play in 2023 and banned 333,000 bad accounts
CyberNews
Google bans 2.3M apps and hundreds of thousands of accounts from its Play Store
Google has found that millions of apps submitted to its platform violate the privacy of users.
Security Affairs
Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023
Google announced they have prevented 2.28 million policy-violating apps from being published in the official Google Play.
The Hacker News
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Google reveals a staggering 200,000 app submissions were rejected or remediated from the Play Store last year due to issues with sensitive data access
Bleeping Computer
Google rejected 2.28 million risky Android apps from Play store in 2023
Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten user's security.
Bleeping Computer
Google rejected 2.28 million risky apps from Play Store in 2023
Google blocked 2.28 million apps from being published on Google Play after finding various policy violations that could threaten the security of Android users.
SecurityWeek
Google Says it Blocked 2.28 Million Apps from Google Play Store
In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.
CyberNews
Breaking 2FA authentication: demystifying your security
Multi-factor and 2-factor authentication, its safety and how hackers can overcome it
Bleeping Computer
Save big on this in-depth ethical hacking course bundle — now just $46
The All-in-One Super-Sized Ethical Hacking Bundle is on sale for just $45.99 (reg. $1098) for a limited time only.
HACKRead
Fake Chrome Updates Hide Android Brokewell Malware Targeting Your Bank
Meet Brokewell malware, a new cybersecurity threat to your Android device (smartphone and tablets) and personal information.
CyberNews
New banking malware gives hackers complete control of Android phones
A new Android mobile malware family, dubbed Brokewell, has appeared on cybersecurity researchers’ radars.
The Hacker News
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Okta is sounding the alarm on an unprecedented spike in credential stuffing attacks targeting online services.
Security Affairs
Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
Save $450 on a lifetime of language training from Babbel
Picking up a new language is one of the best moves you can make for your career and your personal goals. A Babbel lifetime subscription helps you become fluent faster for $149.97, $450 off the $599 MSRP, now through 11:59 pm PST on April 30th, with no coupon needed.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to this week's edition of the Cyber Security News Weekly Round-Up. This issue covers the latest vulnerabilities, cyber attacks, and emerging threats that have been making headlines. Stay informed and stay secure!
The Cyber Express
Researches Discovers New Android Banking Trojan ‘Brokewell’ Disguised as Chrome Update
CRIL Researchers observed a new android banking trojan 'Brokewell,' being distributed through a phishing site disguised as the official Chrome
Security Affairs
Brokewell supports an extensive set of Device Takeover capabilities
ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities.
SecurityWeek
Powerful 'Brokewell' Android Trojan Allows Attackers to Takeover Devices
A new Android trojan named Brokewell can steal user’s sensitive information and allows attackers to take over devices.
The Hacker News
New 'Brokewell' Android Malware Spread Through Fake Browser Updates
A new Android malware called Brokewell is disguising itself as updates for popular apps like Google Chrome and Klarna
The Cyber Express
Avoid Using Unregistered Cryptocurrency Transfer Services, FBI Warned
The FBI in a Thursday warning emphasized the financial risks associated with using unregistered cryptocurrency transfer services, especially considering potential
DarkReading
Chinese Keyboard Apps Open 1B People to Eavesdropping
Eight out of nine apps that people use to input Chinese characters into mobile devices have security vulnerabilities that allow a passive eavesdropper to collect keystroke data.
Bleeping Computer
FBI warns against using unlicensed crypto transfer services
The FBI has warned today that using unlicensed cryptocurrency transfer services can result in financial loss if these platforms are taken down by law enforcement.
Infosecurity News
US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet
The two founders of Samourai Wallet have been charged with money laundering and unlicensed money-transmitting offenses
Loading more articles....