Expert testing of iOS and Android mobile applications shows that in most cases, insecure data storage is the most common security flaw in mobile apps. Positive Technologies’ yearly report, Vulnerabilities and Threats in Mobile Applications 2019, found that critical vulnerabilities are slightly more common in Android applications, compared to their iOS counterparts (43% vs. 38%)….

The capability is enabled by the recently introduced 2-Step Verification (2SV) method that allows users to protect accounts with a security key built into their Android phones. Previously, the technology could be used to verify sign-ins to Google and Google Cloud services on Bluetooth-enabled devices running Chrome OS, macOS, and Windows 10, and can now…

New Android malware hit more than 100,000 users in 196 countries before Google removed it from Google Play — and it continues to steal personal information from users across the globe. Researchers at Trend Micro found ANDROIDOS_MOBSTSPY, spyware that disguised itself as six different Android apps, five of which were removed from Google Play in…

Here’s a scary thought: Mobile devices may soon come with pre-installed malware on required system apps. While it might sound like a grim foretelling, pre-installed mobile malware is an unfortunate reality of the future. In the past, we’ve seen pre-installed malware with the notorious Adups threat, among others. “Pre-installed” means the malware comes already installed…

The addressed issues include remote code execution bugs, elevation of privilege flaws, and information disclosure vulnerabilities, along with a denial of service. Impacted components include Framework, Media framework, System, and Qualcomm components. “The most severe vulnerability in this section could enable a proximate attacker using a specially crafted file to execute arbitrary code within the…

Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant Apps, a Google technology that allows users to “try” Android apps without the need to fully install them, can make phishing attacks more practical. The research Simone Aonzo, Alessio…

The September 2018 Android Security Bulletin is split into two parts, the 2018-09-01 security patch level, which resolves 24 bugs, and the 2018-09-05 security patch level, which addresses a total of 35 bugs. Five of the vulnerabilities patched with the 2018-09-01 security patch level were rated Critical severity. Three of these are elevation of privilege…

Android is a good operating system whose developers truly care about security, but with so many OS versions and applications, keeping an eye on all of them is a tall order. Therefore, new ways to circumvent the built-in security mechanisms surface fairly often. The latest way to hack Android is called “Man-in-the-Disk,” and that is…

Many people think that Android devices do not need an antivirus solution at all, but countless kinds of malware exist for the mobile OS, some on official stores such as Google Play. In other words, antivirus software could actually come in very handy. So, which one should you choose? Which mobile antivirus? Of course, we…