What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
TechWorm.webp 2025-02-08 20:50:19 DeepSeek Sending Unprotected Sensitive User Data To TikTok's Parent ByteDance (direct link) There are growing concerns about the security of the DeepSeek iOS app, as it may be transmitting unprotected user data to ByteDance, the parent company of TikTok. US-based mobile security company NowSecure, which conducted a comprehensive security and privacy assessment of the DeepSeek iOS mobile app on actual iOS devices, found that the app uses unencrypted data transmission, weak and hardcoded encryption keys, insecure data storage, extensive data collection and fingerprinting, and sends unencrypted data to China. The first and foremost issue highlighted by NowSecure is that the DeepSeek iOS app sends some mobile app registration and device data over the internet without encryption, making it vulnerable to interception and manipulation. For instance, a network attacker with privileged access (commonly known as a Man-in-the-Middle attack) could intercept and modify the data, compromising the app’s integrity and data security. Although Apple has built-in platform protections to protect developers from introducing this flaw, according to NowSecure, the protection was disabled globally for the DeepSeek iOS app. DeepSeek App Transmits data “When a user first launches the DeepSeek iOS app, it communicates with the DeepSeek's backend infrastructure to configure the application, register the device and establish a device profile mechanism. Even when the network is configured to actively attack the mobile app (via a MITM attack), the app still executes these steps which enables both passive and active attacks against the data,” the company wrote in a blog post published on Thursday. Modern apps use data encryption to safeguard confidentiality and integrity, which requires proper implementation to protect user data.
However, the app relies on an insecure symmetric encryption algorithm (3DES), reuses initialization vectors, and hardcodes encryption keys, violating best security practices. Additionally, the DeepSeek iOS app insecurely stores usernames, passwords, and encryption keys, increasing the risk of credential theft. The app also collects user and device data that can be used for tracking and de-anonymization. Moreover, the app uses tens of data points, including organization ID, device OS version, and the language selected in the configuration. NowSecure notes that user data is sent to servers by Volcengine, a cloud service platform released by ByteDance in 2021. Since ByteDance is governed by Chinese laws, it may be compelled to share the data it collects with the Chinese government, raising major surveillance and compliance concerns for enterprises and governments utilizing the app. “The DeepSeek iOS app globally disables App Transport Security (ATS) which is an iOS platform level protection that prevents sensitive data from being sent over unencrypted channels. Since this protection is disabled, the app can (and does) send unencrypted data over the internet,” N Mobile Cloud ★★★
The_Hackers_News.webp 2025-02-07 20:28:00 DeepSeek App Transmits Sensitive User and Device Data Without Encryption (direct link) A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks. The assessment comes from NowSecure, which also found that the app fails to adhere to best security practices and that it collects extensive user and
Mobile ★★★
Cyble.webp 2025-02-07 11:44:32 Critical Vulnerabilities Reported in Cyble's Weekly Vulnerability Insights (direct link) Cyble Critical Vulnerabilities Reported in Cyble's Weekly Vulnerability Insights Overview Cyble Research & Intelligence Labs (CRIL) published their Weekly Vulnerability Insights Report to clients, covering key vulnerabilities reported from January 29 to February 4, 2025. The analysis highlights critical security flaws that have posed cyber threats to various IT infrastructures globally. Notably, the Cybersecurity and Infrastructure Security Agency (CISA) added five vulnerabilities to the Known Exploited Vulnerability (KEV) catalog. This report highlights vulnerabilities in several widely used software products and services, including Paessler PRTG Network Monitor, Microsoft .NET Framework, and Zyxel DSL devices. These vulnerabilities could impact a range of industries that rely on these systems to monitor, manage, and protect critical infrastructure. Incorporation of Vulnerabilities into the KEV Catalog CISA's inclusion of vulnerabilities in the KEV catalog is an important step in highlighting serious risks associated with widely deployed software. During this period, CISA added five vulnerabilities, including two dating back to 2018, that have been actively exploited and affect major IT infrastructure tools like Paessler PRTG Network Monitor. These vulnerabilities were assessed for their active exploitation and listed accordingly to ensure better protection for organizations globally. Among the newly added vulnerabilities, CVE-2018-19410 and Tool Vulnerability Threat Patching Mobile ★★★
AlienVault.webp 2025-02-07 07:00:00 A Rose by Any Other Name: Exposure Management, a Category that Evolved from Traditional Vulnerability Management (direct link) As organizations increase their reliance on cloud services, remote work tools, IoT devices and smart infrastructures, and the use of third-party vendors, their exposure to cyber threats increases. Traditional approaches to vulnerability management are unable to keep up with rapidly changing business needs and an expanding attack surface. While scanning and patching known vulnerabilities remains critical, today’s complex threat landscape demands a more comprehensive strategy. Exposures encompass the total attack surface and all potential security gaps across an organization’s entire digital infrastructure. Examples include known vulnerabilities, misconfigurations, and uncovered weaknesses. These differ from vulnerabilities, which are specific weaknesses or flaws in a system that could be exploited. Security leaders should consider adopting a holistic exposure management program to address both known and unknown exposures. First let’s understand what exposure management is. Exposure Management represents a comprehensive approach that looks at an organization’s entire attack surface and potential security risks across all their digital assets, both internally and externally. It goes beyond identifying and remediating vulnerabilities by providing a much wider view of an organization’s security posture. This approach enables businesses to understand the full breadth of their attack surface and exposures, and prioritize actions based on potential impact. The evolution from vulnerability management to exposure management is becoming increasingly critical, according to Gartner.
In their 2024 report, “How to Grow Vulnerability Management into Exposure Management," Gartner emphasizes that exposure management is more than just tools - it’s a comprehensive methodology that integrates people, processes, and technologies to effectively evaluate and assess exposures across both digital and physical assets. Gartner also highlights how this approach enhances and contextualizes security initiatives by providing data-driven insights into which assets, configurations, and vulnerabilities pose the greatest business risk. This allows security teams to effectively prioritize and allocate resources towards the most impactful remediations, tailored to their specific needs, industry threats, and business priorities. This approach strengthens key capabilities such as threat detection, investigation, and response (TDIR), and cyber risk management. How Has Exposure Management Evolved from Traditional Vulnerability Management? Vulnerability management has been a staple of security programs for decades. It’s long been considered a requirement for “good cyber hygiene.” However, many organizations still struggle with properly managing the large volume of vulnerabilities in their environment, including prioritizing mitigation or remediation of the vulnerabilities that pose the greatest risk. Welcome “exposure management.” While vulnerability management focuses primarily on identifying and patching known vulnerabilities, exposure management has evolved to unify multiple security disciplines (including asset configuration, and patch management) into a comprehensive view of an organization’s attack surface – enabling teams to better identify, and prioritize critical exposures, particularly those actively exploited in the wild. Vulnerability management is a critical subset of exposure management, focusing on the detection and correction of security weaknesses. 
Vulnerability management alone can’t address the full spectrum of security risks organizations face today, particularly with the increasing complexity brought by digital transformation. Key Functions of Vulnerability Management vs. Exposure Management Tool Vulnerability Threat Patching Mobile Industrial Cloud Technical ★★★
globalsecuritymag.webp 2025-02-06 22:26:40 Appdome announced a platform upgrade (direct link) Appdome Breaks the Surge in Android & iOS Trojans Globally Extends leadership in Account Takeover Protection (ATO) with 24 new Dynamic Defense Plugins Targeting Banking Trojans, Trojan Spyware, and RATs - Product Reviews
Mobile ★★
Chercheur.webp 2025-02-06 21:12:30 Experts Flag Security, Privacy Risks in DeepSeek AI App (direct link) New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices -- such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies -- introduce a number of glaring security and privacy risks.
Mobile ★★
globalsecuritymag.webp 2025-02-06 20:32:33 Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of May 2024, analyzed on 06/05/2024 (direct link) An attacker can use several vulnerabilities of Google Android | Pixel. - Security Vulnerability
Vulnerability Mobile ★★
globalsecuritymag.webp 2025-02-06 20:32:33 Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of May 2024, analyzed on 06/05/2024 (direct link) An attacker can use several vulnerabilities of Google Android | Pixel. - Vulnerabilities
Mobile ★★
SecurityWeek.webp 2025-02-06 18:19:36 1,000 Apps Used in Malicious Campaign Targeting Android Users in India (direct link) Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.
Threat Mobile ★★
TechWorm.webp 2025-02-06 18:04:42 CISA Orders Urgent Patch For Exploited Linux Kernel Bug (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive mandating federal agencies to promptly address a critical vulnerability in the Linux kernel, identified as CVE-2024-53104. This high-severity flaw affects the Android Kernel's USB Video Class (UVC) driver and has been actively exploited in targeted attacks. For those unaware, CVE-2024-53104 is a privilege escalation security flaw affecting the USB UVC driver in the Linux kernel. The issue arises from improper parsing of frames labeled as UVC_VS_UNDEFINED in the uvc_parse_format function, which can cause the buffer size of frames to be miscalculated, resulting in out-of-bounds writes. Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges and execute arbitrary code on a vulnerable Android phone or cause denial-of-service conditions on affected systems or system crashes. In response to the active exploitation of this vulnerability, CISA has added CVE-2024-53104 to its Known Exploited Vulnerabilities (KEV) Catalog. The agency has mandated all Federal Civilian Executive Branch (FCEB) agencies, as per the November 2021 Binding Operational Directive (BOD) 22-01, to apply the patches by February 26, 2025, to mitigate the Linux kernel vulnerability and protect their networks against potential threats. “These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA issued a warning on Wednesday. CISA has also advised private organizations and users to update their Linux distributions and Android devices to the latest versions to mitigate the risk associated with CVE-2024-53104. As mentioned in our report yesterday, Google has released its February 2025 security updates, which address 48 vulnerabilities, including CVE-2024-53104.
The company noted indications of “limited, targeted exploitation” of this flaw and provided patches to improve the security of Android devices. However, users are strongly encouraged to install the latest security updates promptly to safeguard their devices and themselves from major security threats.
Vulnerability Mobile ★★★
WiredThreatLevel.webp 2025-02-06 14:02:00 Samsung Galaxy S25, S25+, and S25 Ultra Review: AI Snoozefest (direct link) Technically sound, Samsung's latest Android phones are a bit of a snooze.
Mobile ★★★
Mandiant.webp 2025-02-06 14:00:00 Using capa Rules for Android Malware Detection (direct link) Mobile devices have become the go-to for daily tasks like online banking, healthcare management, and personal photo storage, making them prime targets for malicious actors seeking to exploit valuable information. Bad actors often turn to publishing and distributing malware via apps as a lucrative channel for generating illegal and/or unethical profits. Android takes a multi-layered approach to combating malware to help keep users safe (more later in the post), but while we continuously strengthen our defenses against malware, threat actors are persistently updating their malware to evade detection. Malware developers used to complete their entire malicious aggression using the common Android app development toolkits in Java, which is easier to detect by reversing the Java bytecode. In recent years, malware developers are increasing the use of native code to obfuscate some of the critical malware behaviors and putting their hopes on obscuration in compiled and symbol-stripped Executable and Linkable Format (ELF) files, which can be more difficult and time-consuming to reveal their true intentions. To combat these new challenges, Android Security and Privacy Team is partnering with Mandiant FLARE to extend the open-source binary analysis tool capa to analyze native ARM ELF files targeting Android. Together, we improved existing and developed new capa rules to detect capabilities observed in Android malware, used the capa rule matches to highlight the highly suspicious code in native files, and prompted Gemini with the highlighted code behaviors for summarization to enhance our review processes for faster decisions.
In this blog post, we will describe how we leverage capa behavior-detection capabilities and state-of-art Gemini summarization by: Showcasing a malware sample that used various anti-analysis tricks to evade detections Explaining how our existing and new capa rules identify and highlight those behaviors Presenting how Gemini summarizes the highlighted code for security reviews An Illegal Gambling App Under a Music App Façade Google Play Store ensures all published apps conform to local laws and regulations. This includes gambling apps, which are prohibited or require licenses in some areas. Developing and distributing illegal gambling apps in such areas can generate significant illicit profits, which sometimes is associated with organized crimes. To bypass Google Play Store's security-screening procedures, some gambling apps disguise themselves with harmless façades like music or casual games. These apps only reveal their gambling portals Malware Tool Threat Mobile Medical Cloud ★★★
Pirate.webp 2025-02-05 14:56:04 Zimperium discovers FatBoyPanel, a new malware targeting the data of Indian bank users (direct link) zLabs, the research team of Zimperium, the global leader in mobile security, has discovered a new mobile malware campaign primarily targeting users of Indian banks. Analysis of the 900 malware samples collected by zLabs reveals common code structures, user interface elements and shared application logos, suggesting an action […] The post Zimperium discovers FatBoyPanel, a new malware targeting the data of Indian bank users first appeared on UnderNews.
Malware Mobile ★★★
InfoSecurityMag.webp 2025-02-05 14:00:00 Mobile Malware Targeting Indian Banks Exposes 50,000 Users (direct link) Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing
Malware Mobile ★★★
Zimperium.webp 2025-02-05 14:00:00 Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach (direct link) Our zLabs research team has discovered a mobile malware campaign consisting of almost 900 malware samples primarily targeting users of Indian banks.
Data Breach Malware Mobile ★★★
SecureList.webp 2025-02-05 08:00:16 Take my money: OCR crypto stealers in Google Play and App Store (direct link) Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.
Mobile ★★★
TechWorm.webp 2025-02-04 20:21:09 Google Fixes Android Kernel Zero-Day Exploit Actively Used In Attacks (direct link) Google on Monday released its February 2025 security patches, which address 48 vulnerabilities, including a critical zero-day vulnerability affecting the Android kernel that was being actively exploited in attacks. Tracked as CVE-2024-53104, the zero-day flaw has been described as a high-severity issue affecting the Android Kernel's USB Video Class (UVC) driver. What's the vulnerability? This vulnerability is a privilege escalation security flaw in Android's USB Video Class driver, which if exploited, can allow an authenticated attacker to elevate privileges in low-complexity attacks on targeted devices. The zero-day flaw resides in the uvc_parse_format function. Improper parsing of UVC_VS_UNDEFINED type frames can cause the buffer size of frames to be miscalculated. This can lead to out-of-bounds writes since frames of this type were not considered when calculating the frame buffer size in uvc_parse_streaming. This can potentially allow attackers to execute arbitrary code on a vulnerable Android phone or trigger denial-of-service conditions. “In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming,” reads the advisory. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation”, the search giant noted in its February 2025 monthly Android security advisory. Additionally, Google addressed a critical security flaw, CVE-2024-45569 (CVSS score of 9.8), in Qualcomm's WLAN component. Qualcomm states this flaw is a memory corruption issue caused by an Improper Validation of the Array Index in WLAN Host Communication when parsing the ML IE due to invalid frame content.
Patches Released Google has released two patch sets, the 2025-02-01 and 2025-02-05 security patch levels, as part of the February 2025 security updates. While Google Pixel devices receive security updates immediately, other manufacturers may experience delays due to the additional testing required to ensure the security patches are compatible with various hardware configurations. Hence, Android users are strongly advised to install the 2025-02-01 and 2025-02-05 security patch levels as soon as possible to safeguard their devices and themselves from major security threats.
Vulnerability Threat Mobile ★★★
CS.webp 2025-02-04 16:13:14 Android security update includes patch for actively exploited vulnerability (direct link) The monthly update closes 47 security vulnerabilities in total.
Vulnerability Mobile ★★★
bleepingcomputer.webp 2025-02-04 15:16:19 Crypto-stealing apps found in Apple App Store for the first time (direct link) A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]
Mobile ★★★★
ProofPoint.webp 2025-02-04 14:19:22 VidSpam: A New Threat Emerges as Bitcoin Scams Evolve from Images to Video (direct link) Key takeaways Attackers are now leveraging video attachments in multimedia messages (MMS) in mobile to promote Bitcoin scams, marking an evolution from static images. A reported video message came in a lightweight 14KB .3gp file, a unique approach for convincing victims to click links and engage with scammers. Recipients are lured to WhatsApp groups, where scammers use high-pressure tactics to extract money or personal information. MMS abuse is expected to grow with increasingly deceptive multimedia content to target unsuspecting individuals. Overview The rise of image-based Bitcoin scams has been a growing concern for defenders in the mobile space. Attackers use eye-catching, fraudulent images to lure victims into schemes promising extraordinary financial returns. Now, a new and troubling trend is emerging: video-based abuse (VidSpam), where attackers are leveraging small video file attachments to further enhance their deception tactics. Bitcoin image abuse No sooner had we sounded the alarm about image abuse becoming a widespread attack technique targeting mobile device users, through image message spam, than Proofpoint researchers noticed the emergence of video message abuse, adding another layer to scammers' tactics. Bitcoin scams via MMS images have become commonplace in unwanted message reports. These scams often feature images of successful-looking individuals, fake awards, and promises of extraordinary daily profits. Their sole goal: to convince recipients to part with their hard-earned money. Example of Bitcoin image spam. Scammers take advantage of the belief that people have made money in cryptocurrency markets, and their scams leave victims financially drained.
A surprising development: video in MMS In mid-December 2024, Proofpoint researchers identified an MMS based message with a Content-Type: a video message header and a .3gp file attachment that was reported to a carrier and Proofpoint's Mobile Abuse Visibility solution as unwanted. This small video-based attachment is received on mobile devices and contains a “play” button that allows recipients to easily start the video. Clicking the button results in a brief, 2-second video that merely displays the static image shown below. Unlike most video files, there is no movement or animation in this video; it simply presents the graphic as if it were a still image. .3gp video as shown in messaging app. What is a .3gp file you ask? A .3gp file is a multimedia container format designed for 3G networks and optimized for small file sizes and efficient streaming on mobile devices. The small size makes these files accessible on devices with limited storage and on slower networks. This combination of size and low resource use makes the format ideal for mobile devices on both low-data environments and modern 4G/5G networks. The video attachment in this example was crafted to be a mere 14.1KB, an unusually small size for a video file. The message body only contained an embedded link directing users to the attacker-controlled discussion forum. This evolution is surprising and highlights how attackers adapt their methods to evade detection of traditional content filtering more commonly attuned to scanning text and image-based messages. The small video size results in a video with very low resolution and poor quality. Its purpose is not necessarily to entice users visually, rather, it's designed to add credibility and increase the likelihood that the recipient engages with embedded content or through a message response. VidSpam Bitcoin message. How the scam works The MMS message contains both a message body and video attachment.
The message body typically contains nothing more than a link to a URL redirection service, which directs the user to an attacker-controlled webpage. The video attachment is intended to add credibility, while the body urges recipients to click the link and join a Spam Tool Threat Mobile Prediction ★★★
SecurityWeek.webp 2025-02-04 11:00:00 Vulnerability Patched in Android Possibly Exploited by Forensic Tools (direct link) The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.
Tool Vulnerability Mobile ★★★
Cyble.webp 2025-02-04 10:58:37 NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws (direct link) Cyble NETGEAR has patched two critical security vulnerabilities affecting XR series routers and WAX series access points. Overview NETGEAR has recently addressed two critical security vulnerabilities affecting its products, which, if exploited, could allow unauthenticated attackers to execute arbitrary code or remotely exploit devices. These vulnerabilities impact multiple models, including the XR series routers and WAX series access points. Given the high severity of these vulnerabilities, with Common Vulnerability Scoring System (CVSS) scores of 9.8 and 9.6, users are strongly advised to update their devices immediately to the latest firmware versions to prevent potential cyber threats. Details of the Security Vulnerabilities The vulnerabilities impact several NETGEAR devices and could allow remote attackers to take control of the affected routers and access points without requiring authentication. Such security flaws are particularly concerning as they can be leveraged for malicious activities, including data theft, network disruption, and unauthorized surveillance. Affected Devices and Firmware Updates NETGEAR has released fixes for the unauthenticated remote code execution (RCE) security vulnerability affecting the following models: XR1000: Fixed in firmware version 1.0.0.74 XR1000v2: Fixed in firmware version 1.1.0.22 XR500: Fixed in firmware version 2.3.2.134 Malware Vulnerability Threat Mobile ★★★
The_Hackers_News.webp 2025-02-04 10:21:00 Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (direct link) Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. Successful exploitation of the flaw could lead
Vulnerability Mobile ★★★
globalsecuritymag.webp 2025-02-04 09:36:29 Multiple vulnerabilities in Google Android (04 February 2025) (lien direct) Multiple vulnerabilities have been discovered in Google Android. Some of them allow an attacker to cause privilege escalation, a breach of data confidentiality and denial of service. Google states that the vulnerability CVE-2024-53104 is actively... - Vulnerabilities
Mobile ★★★
News.webp 2025-02-04 08:18:11 Google patches odd Android kernel security bug amid signs of targeted exploitation (lien direct) Also, Netgear fixes critical router, access point vulnerabilities Google has released its February Android security updates, including a fix for a high-severity kernel-level vulnerability, which is suspected to be in use by targeted exploits.…
Vulnerability Mobile ★★★
AlienVault.webp 2025-02-04 07:00:00 What Is Zero Trust? (lien direct) Zero Trust Security Model Definition With the adoption of cloud computing, mobile devices, and the Internet of Things (IoT), the traditional network perimeter no longer exists. This has created challenges for security professionals, requiring a new approach to cybersecurity. Zero Trust has emerged as a transformative security model. Let’s take a closer look into what Zero Trust is, how it works, and the benefits it offers to modern enterprises. Zero Trust Explained Gone are the days when organizations could secure their assets with firewalls and virtual private networks (VPNs) alone. Workloads now live in the cloud, users and devices are increasingly mobile, and data flows across diverse locations and applications. This shift has widened visibility gaps and exposed vulnerabilities in legacy security approaches. Traditional security models operate on implicit trust: once a user or device gains access to the network, they’re often granted broad permissions. However, this trust can be exploited by attackers, leading to data breaches and ransomware attacks. Zero Trust flips this model on its head, assuming that no user, device, or application can be trusted by default. At its core, Zero Trust is a cybersecurity philosophy and framework designed to eliminate the assumption of trust. Instead of granting blanket access based on network location or device, Zero Trust requires: 1. Rigorous Verification: Every access request is authenticated, authorized, and continuously validated. 2. Least-Privilege Access: Users, devices, and applications are given only the permissions they need—nothing more. 3. Microsegmentation: The network is divided into granular zones to minimize potential damage in case of a breach. 
Zero Trust isn’t a single technology but a holistic approach that relies on solutions like identity management, secure remote access, data loss prevention, and microsegmentation to create a resilient security posture. Traditional security models grant users access to the entire network, creating opportunities for lateral movement by attackers. Zero Trust redefines access by connecting users directly to the specific applications and resources they need, bypassing the network entirely. Why It Matters: Decoupling application access from network access prevents malware from spreading and ensures users can only interact with authorized resources. Example: Instead of relying on VPNs, Zero Trust leverages secure access solutions that enforce policies based on user identity, device posture, and real-time context. Legacy firewalls and VPNs inadvertently expose applications by making them accessible through public-facing IP addresses. Zero Trust eliminates this vulnerability by concealing applications from unauthorized users. Why It Matters: Hiding application and network resources reduces the attack surface. Example: By obfuscating internet protocol (IP) addresses and source identities, Zero Trust prevents distributed denial-of-service (DDoS) attacks and other internet-based threats. Zero Trust uses a proxy-based approach to inspect and secure traffic between users and applications. Unlike traditional passthrough firewalls, proxies provide in-depth analysis and threat detection. Why It Matters: Proxies enable granular control and visibility, ensuring secure interactions without compromising performance. Example: A proxy can inspect encrypted traffic for malware or unauthorized data transfers, adding an extra layer of protection. Zero Trust continuously evaluates access requests based on dynamic factors such as user identity, device health, and geolocation. 
Access policies are enforced throughout the session, ensuring that any changes in context trigge Ransomware Malware Tool Vulnerability Threat Mobile Medical Cloud ★★★
DarkReading.webp 2025-02-03 21:50:13 Microsoft Sets End Date for Defender VPN (lien direct) Though Windows, iOS, and macOS users won't need to make any changes, Android users are advised to remove their Defender VPN profiles.
Mobile ★★★
bleepingcomputer.webp 2025-02-03 15:10:22 Google fixes Android kernel zero-day exploited in attacks (lien direct) The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. [...]
Vulnerability Threat Mobile ★★
RecordedFuture.webp 2025-01-31 17:33:44 Hackers use fake wedding invitations to spread Android malware in Southeast Asia (lien direct) The cybercriminals have been spreading malware through malicious wedding invitations sent through private and group chats on Telegram and WhatsApp.
Malware Mobile ★★
Zimperium.webp 2025-01-31 16:51:05 (Déjà vu) Zimperium's Protection Against Tria Stealer's SMS Data Theft (lien direct) As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team shares how we can help protect you against Tria Stealer.
Mobile ★★★
The_Hackers_News.webp 2025-01-31 16:15:00 Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (lien direct) Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with
Mobile ★★★
Korben.webp 2025-01-31 09:00:00 KV4P HT - Turn your smartphone into a two-way radio (lien direct) Who hasn't dreamed of turning their smartphone into a super walkie-talkie that can communicate even when the mobile networks are down? Well, it is now possible thanks to an open source project called KV4P HT, which will delight every budding amateur radio operator! Vance Vagell (call sign KV4P), the project's creator, had the brilliant idea of designing a small module that simply plugs into the USB-C port of your Android smartphone to turn it into a true two-way VHF radio. No more lugging around bulky radio equipment: your phone becomes your radio!
Mobile ★★★
bleepingcomputer.webp 2025-01-30 15:57:47 Google blocked 2.36 million risky Android apps from Play Store in 2024 (lien direct) Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...]
Mobile ★★★
Cyble.webp 2025-01-30 13:00:34 DeepSeek's Growing Influence Sparks a Surge in Frauds and Phishing Attacks (lien direct) DeepSeek Fraud Overview DeepSeek is a Chinese artificial intelligence company that has developed open-source large language models (LLMs). In January 2025, DeepSeek launched its first free chatbot app, “DeepSeek - AI Assistant”, which rapidly became the most downloaded free app on the iOS App Store in the United States, surpassing even OpenAI's ChatGPT. However, with rapid growth comes new risks-cybercriminals are exploiting DeepSeek's reputation through phishing campaigns, fake investment scams, and malware disguised as DeepSeek. This analysis seeks to explore recent incidents where Threat Actors (TAs) have impersonated DeepSeek to target users, highlighting their tactics and how readers can secure themselves accordingly. Recently, Cyble Research and Intelligence Labs (CRIL) identified multiple suspicious websites impersonating DeepSeek. Many of these sites were linked to crypto phishing schemes and fraudulent investment scams. We have compiled a list of the identified suspicious sites: abs-register[.]com deep-whitelist[.]com deepseek-ai[.]cloud deepseek[.]boats deepseek-shares[.]com deepseek-aiassistant[.]com usadeepseek[.]com Campaign Details Crypto phishing leveraging the popularity of DeepSeek CRIL uncovered a crypto phishin Spam Malware Threat Mobile ChatGPT ★★★
SecureList.webp 2025-01-30 08:00:12 No need to RSVP: a closer look at the Tria stealer campaign (lien direct) Kaspersky GReAT experts discovered a new campaign targeting Android devices in Malaysia and Brunei with the Tria stealer to collect data from apps like WhatsApp and Gmail.
Mobile ★★
Checkpoint.webp 2025-01-29 18:02:47 What DeepSeek's R1 Model Means For AI Innovation and Enterprise Security (lien direct) DeepSeek’s R1 model launch marks a significant milestone in AI accessibility, combining advanced reasoning capabilities with free, unlimited access. The platform’s explosive growth is evident-its mobile app topped the iOS App Store charts within 48 hours of release, indicating unprecedented user adoption rates. While DeepSeek’s open-source model represents a breakthrough in cost-effective AI deployment, the DeepSeek consumer-facing app introduces substantial privacy and security challenges for enterprises. Most critically, the platform's data collection practices extend far beyond typical usage data: according to DeepSeek's privacy policy, all user interactions-including prompts, uploaded files, chat histories, voice inputs, images, and even keystroke patterns-are transmitted […]
Mobile ★★★
Mandiant.webp 2025-01-29 14:00:00 Adversarial Misuse of Generative AI (lien direct) Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our collective security. Large language models (LLMs) open new possibilities for defenders, from sifting through complex telemetry to secure coding, vulnerability discovery, and streamlining operations. However, some of these same AI capabilities are also available to attackers, leading to understandable anxieties about the potential for AI to be misused for malicious purposes.  Much of the current discourse around cyber threat actors' misuse of AI is confined to theoretical research. While these studies demonstrate the potential for malicious exploitation of AI, they don't necessarily reflect the reality of how AI is currently being used by threat actors in the wild. To bridge this gap, we are sharing a comprehensive analysis of how threat actors interacted with Google's AI-powered assistant, Gemini. Our analysis was grounded by the expertise of Google's Threat Intelligence Group (GTIG), which combines decades of experience tracking threat actors on the front lines and protecting Google, our users, and our customers from government-backed attackers, targeted 0-day exploits, coordinated information operations (IO), and serious cyber crime networks. We believe the private sector, governments, educational institutions, and other stakeholders must work together to maximize AI's benefits while also reducing the risks of abuse. At Google, we are committed to developing responsible AI guided by our principles, and we share Ransomware Malware Tool Vulnerability Threat Studies Legislation Mobile Industrial Cloud Technical Commercial APT 41 APT 43 APT 42 ★★★
GoogleSec.webp 2025-01-29 13:39:07 How we kept the Google Play & Android app ecosystems safe in 2024 (lien direct) Posted by Bethel Otuteye and Khawaja Shams (Android Security and Privacy Team), and Ron Aquino (Play Trust and Safety) Android and Google Play comprise a vibrant ecosystem with billions of users around the globe and millions of helpful apps. Keeping this ecosystem safe for users and developers remains our top priority. However, like any flourishing ecosystem, it also attracts its share of bad actors. That's why every year, we continue to invest in more ways to protect our community and fight bad actors, so users can trust the apps they download from Google Play and developers can build thriving businesses. Last year, those investments included AI-powered threat detection, stronger privacy policies, supercharged developer tools, new industry-wide alliances, and more. As a result, we prevented 2.36 million policy-violating apps from being published on Google Play and banned more than 158,000 bad developer accounts that attempted to publish harmful apps. But that was just the start. For more, take a look at our recent highlights from 2024: Google's advanced AI: helping make Google Play a safer place To keep out bad actors, we have always used a combination of human security experts and the latest threat-detection technology. In 2024, we used Google's advanced AI to improve our systems' ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play. 
That's enabled us to stop more bad apps than ever from reaching users through the Play Store, protecting users from harmful or malicious apps before they can cause any damage. Working with developers to enhance security and privacy on Google Play To protect user privacy, we're working with developers to reduce unnecessary access to sensitive data. In 2024, we prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data. We also required apps to be more transparent about how they handle user information by launching new developer requirements and a new “Data deletion” option for apps that support user accounts and data collection. This helps users manage their app data and understand the app's deletion practices, making it easier for Play users to delete data collected from third-party apps. We also worked to ensure that apps use the strongest and most up-to-date privacy and security capabilities Android has to offer. Every new version of Android introduces new security and privacy features, and we encourage developers to embrace these advancements as soon as possible. As a result of partnering closely with developers, over 91% of app install Malware Tool Threat Mobile Cloud ★★★
bleepingcomputer.webp 2025-01-29 11:54:43 Windows 11's Start menu is getting iPhone and Android integration (lien direct) Windows 11's Start menu is getting a big update with full-fledged Android and iPhone integration. [...]
Mobile ★★★
AlienVault.webp 2025-01-29 07:00:00 Securing Your Digital Footprint While Traveling in 2025 (lien direct) In an increasingly connected world, travel relies more on technology than ever. While digital tools enhance convenience, they also create new opportunities for cyber threats. Phishing attacks and malicious links targeting mobile devices are projected to triple compared to previous years as cybercriminals exploit public Wi-Fi networks and insecure booking platforms. To navigate these challenges, it’s essential to secure your digital footprint proactively. This article will highlight the risks travelers face and provide actionable strategies to protect your data, ensuring a safe and stress-free journey. Why Travelers Are Main Targets of Cyber Threats As travelers lean more heavily on mobile apps, online bookings, and cloud-based itineraries, the risks of data breaches, identity theft, and account compromise will grow significantly. Yet, reports suggest that nearly half of mobile users may still neglect basic security solutions, leaving their personal information at risk. Understanding these vulnerabilities is the first step toward protecting your data on the go. Increased Use of Public Wi-Fi Travelers continue to face challenges when using public Wi-Fi. While it offers convenience at airports, hotels, and cafes, these unsecured networks are a hotbed for cyber threats. Hackers can easily perform man-in-the-middle attacks, intercepting data transmitted over open networks. This means sensitive information, such as passwords and credit card details, can be stolen in real-time. Additionally, travelers may unknowingly connect to fake Wi-Fi networks, known as "honeypots," set up specifically to capture their data. Reliance on Digital Platforms Traveling in 2025 involves heavy dependence on digital tools for bookings, navigation, and payments. Mobile apps, cloud storage, and online platforms streamline trip planning but also expand the attack surface for cybercriminals. 
Every app or platform travelers use becomes a potential entry point for hackers. A single compromised account can give attackers access to travel itineraries, payment methods, and even personal identification details. Phishing and Fake Booking Scams As the travel industry digitizes further, phishing attacks are becoming increasingly sophisticated. Travelers are often targeted with fraudulent emails, texts, or ads that mimic legitimate booking platforms. Clicking these links can lead to fake hotel booking sites that steal credit card information or infect devices with malware. In many cases, travelers don’t realize they've been scammed until it’s too late—either their trip is ruined or their financial data is compromised. Essential Cybersecurity Practices for Travelers While staying connected during travel has become a common practice, it also exposes you to potential cyber risks. By following a few key cybersecurity practices, you can protect your personal information and browse securely no matter where your journey takes you. Here are the most effective ways to safeguard your digital footprint: 1. Use a VPN A Virtual Private Network (VPN) is one of the most effective tools for securing your internet connection while traveling. VPNs encrypt your online activity, preventing hackers from intercepting sensitive information like passwords or payment details, even on public Wi-Fi networks. Popular options like NordVPN, ExpressVPN, and CyberGhost offer global servers, ensuring reliable and secure connectivity wherever you are. 2. Enable Two-Factor Authentication (2FA) Securing your accounts with two-factor authenti Spam Malware Tool Vulnerability Threat Mobile Cloud ★★★
TechWorm.webp 2025-01-28 13:47:13 Apple Patches Zero-Day Exploit Affecting iPhones, Macs, iPads, Watches & TVs (lien direct) On Monday, Apple rolled out critical security updates to address several vulnerabilities affecting iPhones, Macs, and other devices, including a zero-day vulnerability actively exploited in the wild to target iPhone users. The zero-day vulnerability, identified as CVE-2025-24085 (no CVSS score assigned yet), is a use-after-free flaw in Apple's Core Media component that could allow a pre-installed malicious application to gain elevated privileges on vulnerable devices. According to Apple, the Core Media is a foundational framework within the Apple operating system that offers the underlying structure for processing and managing media data like video and audio. It is the media pipeline used by AVFoundation and other high-level media frameworks found on Apple platforms. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2,” the company wrote in the advisory ([1], [2], [3], [4], [5]) published on Monday. The zero-day vulnerability affected a broad range of Apple devices, including: iPhone XS and later; iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later); Macs running macOS Sequoia 15.3; Apple Watch Series 6 and later; Apple TV HD and Apple TV 4K (all models); and Apple Vision Pro running visionOS 2.3. Apple has resolved the CVE-2025-24085 vulnerability by releasing software updates - iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, visionOS 2.3, and tvOS 18.3 - with improved memory management. Meanwhile, the company has not provided any information on how the above vulnerability was exploited, by whom, or who may have been targeted. It has also not attributed the discovery of the vulnerability to a researcher. 
Users are urged to update their iPhone, iPad, Mac, Apple Watch, and Apple TV immediately with the latest security updates to stay protected against potential threats. Enable automatic updates to ensure you receive future patches on your devices without delay. Further, avoid clicking on suspicious links and only download apps from trusted sources to reduce the risk of vulnerabilities.
Vulnerability Threat Mobile ★★★
bleepingcomputer.webp 2025-01-28 11:27:02 Signal will let you sync old messages when linking new devices (lien direct) Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. [...]
Mobile ★★★
no_ico.webp 2025-01-28 06:33:22 Attackers Exploit PDFs in Sophisticated Mishing Attack (lien direct) In a newly discovered phishing campaign, malicious actors are using malicious PDF files to target mobile device users in potentially more than 50 countries.   Dubbed the “PDF Mishing Attack,” the campaign exploits the widespread trust in PDFs as a secure file format, revealing new vulnerabilities in mobile platforms.  The phishing operation masquerades as the United [...]
Vulnerability Threat Mobile ★★★
globalsecuritymag.webp 2025-01-27 21:13:34 Zimperium Reveals New Advanced PDF-Based Cyber Threat Exploiting Mobile Devices (lien direct) Zimperium Reveals New Advanced PDF-Based Cyber Threat Exploiting Mobile Devices Sophisticated Mishing Campaign Leveraging Malicious PDFs Poses a Significant Threat to Organizations Across 50+ Countries - Malware Update
Threat Mobile ★★★
InfoSecurityMag.webp 2025-01-27 14:00:00 New Phishing Campaign Targets Mobile Devices with Malicious PDFs (lien direct) A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials
Mobile ★★★★
Zimperium.webp 2025-01-27 14:00:00 Hidden in Plain Sight: PDF Mishing Attack (lien direct) As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS) which is exclusively targeting mobile devices.
Mobile ★★★★
Korben.webp 2025-01-27 09:00:00 OwnTracks - Manage your own location data with complete confidence (lien direct) You surely know those GPS tracking apps that promise you the moon, only to resell your location data to the highest bidder, of course! Boo! So what would you say if I showed you a 100% open-source alternative that lets you keep full control over your location data? Thanks to Lorenper, I discovered a real little privacy gem: OwnTracks. This app, available on iOS and Android, lets you track your own movements and those of your loved ones, without compromising on privacy.
Mobile ★★★
Zimperium.webp 2025-01-26 18:18:39 Zimperium's Comprehensive Protection Against Fake SBI Reward Banking Trojan (lien direct) As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team shares how we can help protect you against fake SBI Reward banking trojan.
Mobile ★★★
WiredThreatLevel.webp 2025-01-25 13:30:00 Protect Your Phone With Android's Theft Detection Features (lien direct) Enable these three anti-theft features on your Android phone right now. They'll keep your sensitive info private if attackers steal your device while it's unlocked.
Mobile ★★
RecordedFuture.webp 2025-01-24 21:36:27 More than 2,000 SonicWall devices vulnerable to critical zero-day (lien direct) The Cybersecurity and Infrastructure Security Agency warned that a bug affecting SonicWall's Secure Mobile Access products is being actively exploited.
Vulnerability Threat Mobile ★★
Last update at: 2025-05-10 13:07:29