The December 2017 Android security patches that Google released this week resolve 47 vulnerabilities, including 10 rated Critical severity. The patches affect a variety of platform components and were split in two packages, or security patch levels, as Google calls them. The first addresses 19 vulnerabilities while the second resolves 28 issues.

We have encountered a new and highly prevalent type of Android malware (detected as Android.Sockbot) posing as apps on Google Play and later adding compromised devices into a botnet. So far we have identified at least eight such apps, with an install base ranging from 600,000 to 2.6 million devices. This malware appears primarily targeting…

A newly discovered ransomware family targeting Android devices is abusing the platform’s accessibility services, ESET warns. Dubbed DoubleLocker, this innovative Android malware doesn’t merely encrypt users’ data, but also locks the infected devices down, security researchers from ESET say. The ransomware is based on the source code of BankBot banking Trojan, which is already known for misusing…

Google Project Zero has disclosed the details of two critical remote code execution vulnerabilities affecting the Broadcom Wi-Fi chips found in many Android and iOS devices. The flaws, identified as CVE-2017-11120 and CVE-2017-11121, were patched in Android on September 5 with this month’s security updates and in iOS on September 19 with the release of…

Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices. The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a…

A total of 81 security vulnerabilities have been addressed in this month’s set of security patches for the Android platform. 13 of the flaws were rated Critical severity. The security bulletin has two security patch levels, each focused on addressing vulnerabilities in specific components. The 2017-09-01 security patch level fixes a total of 30 vulnerabilities, 10 of…

— Malwarebytes now provides superior mobile protection for Android users to protect against growing levels of mobile malware — Android ransomware increased more than 100 percent between Q1 and Q2 2017 SANTA CLARA, Calif. – August 24, 2017 – Malwarebytes™, the leader in advanced malware prevention and remediation solutions, today announced the release of Malwarebytes for Android,…

Smartphone users can now add a new entry to the list of things they need to worry about: their phones being compromised via replacement parts. A group of researchers from Ben-Gurion University of the Negev has demonstrated that hardware replacements – e.g. touchscreens, NFC readers, wireless charging controllers, and so on – can be equipped…