www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-10T14:37:36+00:00 www.secnews.physaphae.fr
Techworm - News Android Identity Check Feature Locks Settings Outside Trusted Locations wrote in a blog post on Thursday. To enable Identity Check, you can designate one or more areas as a trusted location. When you are outside of these designated areas, you will need to use biometric authentication to access important account and device settings, such as changing your device PIN or biometrics, disabling theft protection, performing a factory reset, turning off 'Find My Device', accessing saved passwords or Passkeys, adding or removing a Google Account, or accessing Developer options. Identity Check also provides enhanced protection for Google Accounts on all supported devices and adds more security for Samsung Accounts on eligible Galaxy devices with One UI 7. This makes it much more difficult for an unauthorized attacker to access accounts signed in on the device. The feature is now available on Google Pixel devices running Android 15. It will roll out on Samsung One UI 7 devices in the coming weeks and on supported Android devices from other manufacturers “later this year.” To turn on the Identity Check feature, you need to go to Settings > Google > All services > Theft Protection, and tap “Identity Check”. To activate this feature, you must sign in to a Google Account and add a screen lock if you haven't. Then, add biometrics, like Fingerprint or Face Unlock, as well as your trusted places, like Home or Work. After completion, tap Done. In addition to launching Identity Check, Google announced its Theft Detection Lock feature. This feature uses an AI-powered on-device algorithm to recognize when your phone is forcibly taken and lock the screen.
If the machine learning algorithm detects a possible theft attempt on your unlocked device, it automatically locks the screen to protect it from thieves. This feature has been fully rolled out on devices running Android 10 and later worldwide. To enable the Theft Detection Lock feature on your device, tap Settings > Google > All services > Theft protection and toggle the “Theft Detection Lock” switch. Lastly, Google mentioned that it is collaborating with the GSMA and industry experts to tackle mobile device theft by sharing information, tools, and prevention techn
2025-01-24T19:56:28+00:00 https://www.techworm.net/2025/01/android-identity-check-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8642081 False Tool,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations. "When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you're outside of trusted locations," Google said in a post announcing the
2025-01-24T12:50:00+00:00 https://thehackernews.com/2025/01/androids-new-identity-check-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8641940 False Mobile None 3.0000000000000000
Korben - French blogger Android gains sophisticated anti-theft security
Faced with the rise in phone thefts and criminals' ever more sophisticated techniques, Google is fighting back again with a solution called Identity Check. This new feature, which arrives first on Pixel phones running Android 15, represents a rather innovative approach to mobile security. The principle is to set up smart, contextual two-factor authentication that activates automatically when you are not in a trusted place.
2025-01-24T07:31:08+00:00 https://korben.info/android-identity-check-securite-vol-pixel-samsung.html www.secnews.physaphae.fr/article.php?IdArticle=8641939 False Mobile None 3.0000000000000000
Zimperium - cyber risk firms for mobile Zimperium's Coverage Against Android Malware in Donot APT Operations and Extended Indicators of Compromise Take a look at Zimperium's coverage against Android malware in Donot APT operations and extended indicators of compromise.
2025-01-23T16:26:39+00:00 https://www.zimperium.com/blog/android-malware-in-donot-apt-operations-and-extended-indicators-of-compromise/ www.secnews.physaphae.fr/article.php?IdArticle=8641817 False Malware,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a zero-day. The vulnerability, tracked as CVE-2025-23006, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. "Pre-authentication deserialization of untrusted data vulnerability has been identified in the
2025-01-23T15:54:00+00:00 https://thehackernews.com/2025/01/sonicwall-urges-immediate-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8641529 False Vulnerability,Threat,Mobile None 3.0000000000000000
GoogleSec - Firm Security Blog Android enhances theft protection with Identity Check and expanded features recently launched Android theft protection, a comprehensive suite of features designed to protect you and your data at every stage – before, during, and after device theft. As part of our commitment to help you stay safe on Android, we're expanding and enhancing these features to deliver even more robust protection to more users around the world. Identity Check rolling out to Pixel and Samsung One UI 7 devices We're officially launching Identity Check, first on Pixel and Samsung Galaxy devices eligible for One UI 7, to provide better protection for your critical account and device settings. When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you're outside of trusted locations. Identity Check also enables enhanced protection for Google Accounts on all supported devices and additional security for Samsung Accounts on One UI 7 eligible Galaxy devices, making it much more difficult for an unauthorized attacker to take over accounts signed in on the device.
As part of enabling Identity Check, you can designate one or more trusted locations. When you're outside of these trusted places, biometric authentication will be required to access critical account and device settings, like changing your device PIN or biometrics, disabling theft protection, or accessing Passkeys. Identity Check gives you more peace of mind that your most sensitive device assets are protected against unauthorized access, even if a thief or bad actor manages to learn your device PIN. Identity Check is rolling out now to Pixel devices with Android 15 and will be available on One UI 7 eligible Galaxy devices in the coming weeks. It will roll out to supported Android devices from other manufacturers later this year. Theft Detection Lock: expanding AI-powered protection to more users One of the top theft protection features introduced last year was Theft Detection Lock, which uses an on-device AI-powered algorithm to help detect when your phone may be forcibly taken from you. If the machine learning algorithm detects a potential theft attempt on your unlocked device, it locks your scre
2025-01-23T13:01:21+00:00 http://security.googleblog.com/2025/01/android-theft-protection-identity-check-expanded-features.html www.secnews.physaphae.fr/article.php?IdArticle=8641698 False Tool,Mobile,Medical None 3.0000000000000000
Bleeping Computer - American magazine New Android Identity Check locks settings outside trusted locations Google has announced a new Android "Identity Check" security feature that locks sensitive settings behind biometric authentication when outside a trusted location. [...]
2025-01-23T13:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-android-identity-check-locks-settings-outside-trusted-locations/ www.secnews.physaphae.fr/article.php?IdArticle=8641702 False Mobile None 3.0000000000000000
Global Security Mag - French news site Appdome Unveils Threat Dynamics™ Product Reviews
Appdome Unveils Threat Dynamics™ to Become Industry's First AI-Native Extended Threat Management Platform Threat Dynamics Shows How Threats Move and Provides a Benchmark Mobile Risk Index™ to Help Businesses Manage and Stay Ahead of Fraud and Cyber Threats - Product Reviews
2025-01-22T20:05:50+00:00 https://www.globalsecuritymag.fr/appdome-unveils-threat-dynamics-tm.html www.secnews.physaphae.fr/article.php?IdArticle=8641236 False Threat,Mobile None 3.0000000000000000
Wired Threat Level - Security News Samsung Says Its Galaxy S25 Is 'Qi2 Ready.' Here's What That Really Means The company's new smartphones do not have Qi2 wireless charging built in natively. Just give me my magnetic Android phone already!
2025-01-22T18:15:00+00:00 https://www.wired.com/story/qi2-ready-certified-phones-and-cases/ www.secnews.physaphae.fr/article.php?IdArticle=8641214 False Mobile None 3.0000000000000000
Wired Threat Level - Security News Samsung Galaxy S25 Series: Specs, Release Date, Price, Features The three flagship Android phones debut new ways to interact with Google's Gemini and, yes, Samsung's Bixby.
2025-01-22T18:00:00+00:00 https://www.wired.com/story/samsung-galaxy-s25-galaxy-s25-plus-galaxy-s25-ultra/ www.secnews.physaphae.fr/article.php?IdArticle=8641192 False Mobile None 4.0000000000000000
Dark Reading - Informationweek Branch DONOT Group Deploys Malicious Android Apps in India The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community.
2025-01-21T21:15:18+00:00 https://www.darkreading.com/cyberattacks-data-breaches/donot-group-malicious-android-apps-india www.secnews.physaphae.fr/article.php?IdArticle=8640785 False Threat,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection The threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma.
The apps in question have been found to incorporate identical functions, barring minor modifications to the
2025-01-20T20:23:00+00:00 https://thehackernews.com/2025/01/donot-team-linked-to-new-tanzeem.html www.secnews.physaphae.fr/article.php?IdArticle=8640190 False Malware,Threat,Mobile None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Indian APT Group DONOT Misuses App for Intelligence Gathering Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering
2025-01-20T16:05:00+00:00 https://www.infosecurity-magazine.com/news/indian-apt-group-donot-app/ www.secnews.physaphae.fr/article.php?IdArticle=8640188 False Mobile None 3.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Stories from the SOC: Caught in the Trap: Detecting and Defending Against RaccoonO365 Phishing Campaigns 2. Information was passed off to LevelBlue Threat Hunters to conduct further internal and external research for the identified artifact. 3. A dedicated threat hunter conducted a review of events including the subject user agent. Event logs were compared against each other and the successful logins provided additional key data points. Shared Access Signature (SAS) authentication "SAS authentication" refers to a method of user access control using a "Shared Access Signature" (SAS) token, which essentially grants temporary, limited access to specific resources within a cloud platform like Azure.
This allows users to access data without directly sharing the full account access
2025-01-17T18:21:00+00:00 https://levelblue.com/blogs/security-essentials/explore-compelling-narratives-from-the-soc www.secnews.physaphae.fr/article.php?IdArticle=8641234 False Tool,Threat,Mobile,Cloud None 3.0000000000000000
Incogni - Security blog of the company Incogni, specialized in privacy protection How to delete all emails on your iPhone
2025-01-17T14:17:53+00:00 https://blog.incogni.com/how-to-delete-all-emails-on-your-iphone/ www.secnews.physaphae.fr/article.php?IdArticle=8638798 False Mobile None 3.0000000000000000
Incogni - Security blog of the company Incogni, specialized in privacy protection How to remove my mobile number from all websites
2025-01-17T10:50:12+00:00 https://blog.incogni.com/how-to-remove-my-mobile-number-from-websites/ www.secnews.physaphae.fr/article.php?IdArticle=8638718 False Mobile None 2.0000000000000000
Vuln AWS - Vuln AWS feed Issue with Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV (CVE-2025-0500 and CVE-2025-0501) CVE-2025-0500: This issue applies to specific versions of native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV, listed below. If leveraged, this issue could allow a bad actor to perform a man-in-the-middle attack, allowing them to access remote WorkSpaces, AppStream, or DCV sessions. We recommend customers upgrade to the versions with the fix to address this issue. Affected versions: Amazon WorkSpaces Windows client 5.20.0 or earlier, macOS client 5.20.0 or earlier, and Linux client 2024.1 or earlier. Amazon AppStream 2.0 Windows client 1.1.1326 or earlier. Amazon DCV Windows client 2023.1.8993 or earlier, macOS client 2023.1.6203 or earlier, and Linux client 2023.1.6203 or earlier for all supported Linux distributions. Resolution: This issue was fixed in specific versions of the Amazon WorkSpaces, Amazon AppStream 2.0, and Amazon DCV clients listed below.
Upgrading to these or later versions remediates the issue. Versions with the fix: Amazon WorkSpaces Windows client 5.21.0 or later, macOS client 5.21.0 or later, and Linux client 2024.2 or later. Amazon AppStream 2.0 Windows client 1.1.1332 or later. Amazon DCV Windows client 2023.1.9127 or later, macOS client 2023.1.6703 or later, and Linux client 2023.1.6703 or later for all supported Linux distributions. CVE-2025-0501: The issue applies to specific versions of native clients for Amazon WorkSpaces (when running Amazon PCoIP protocol), listed below. If leveraged, this issue could allow a bad actor to perform a man-in-the-middle attack, allowing them to access remote WorkSpaces sessions. We recommend customers upgrade to the versions with the fix to address this issue. Affected versions: Amazon WorkSpaces Windows client 5.22.0 or earlier, macOS client 5.22.0 or earlier, Linux client 2024.5 or earlier, and Android client 5.0.0 or earlier. Resolution: This issue was fixed in specific versions of the Amazon WorkSpaces clients listed below. Upgrading to these or later versions remediates the issue. Versions with the fix: Amazon WorkSpaces Windows client 5.22.1 or later, macOS client 5.22.1 or later, Linux client 2024.6 or later, and Android client 5.0.1 or later. References: CVE-2025-0500 CVE-2025-0501 Please email aws-security@amazon.com with any security questions or concerns.
Publication Date: 2025/01/15 10:30AM PST Description: AWS identified two issues in specific versions of native clients for Amazon Wor
2025-01-15T18:18:13+00:00 https://aws.amazon.com/security/security-bulletins/AWS-2025-001/ www.secnews.physaphae.fr/article.php?IdArticle=8637855 False Mobile None None
Wired Threat Level - Security News The Best Time Management Apps: iOS, Android, and Desktop Make the most of every 24 hours.
2025-01-15T14:30:00+00:00 https://www.wired.com/story/best-time-management-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8637739 False Mobile None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs 3 Tips for Eliminating Attack Surface Blind Spots
2025-01-14T18:59:00+00:00 https://levelblue.com/blogs/security-essentials/3-tips-for-eliminating-attack-surface-blind-spots www.secnews.physaphae.fr/article.php?IdArticle=8638362 False Tool,Vulnerability,Threat,Mobile,Industrial,Cloud None 3.0000000000000000
Korben - French blogger A hacker has managed to crack the iPhone's USB-C port So, my little Apple fanboys, you who thought your precious iPhone was an impregnable fortress, you are going to have to restock on mint crystal sticks, because a security researcher has just managed to hack the famous USB-C controller of the iPhone 15 and 16. But don't panic, keep your iPhone nice and warm in your hipster pocket, because I am going to explain everything. For newcomers (and Android owners still wondering why we are talking about Apple), the ACE3 controller, introduced into Apple's supply chain in 2023, is a very smart little component that handles all communications through your iPhone's USB-C port. It is a bit like the bouncer at a very trendy nightclub: it decides who gets in, who gets out, and above all how. More technically, it is a full microcontroller that handles not only charging but also an entire USB stack connected to the device's internal buses.
2025-01-14T16:15:06+00:00 https://korben.info/piratage-port-usb-c-iphone-15-securite.html www.secnews.physaphae.fr/article.php?IdArticle=8637197 False Mobile None 4.0000000000000000
ProofPoint - Cyber Firms Proofpoint Named a Leader in the 2025 Gartner® Magic Quadrant™ for Digital Communications Governance and Archiving Solutions
2025-01-14T11:54:10+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/proofpoint-named-leader-2025-gartnerr-magic-quadranttm-digital www.secnews.physaphae.fr/article.php?IdArticle=8637329 False Threat,Mobile,Technical,Commercial None 3.0000000000000000
Techworm - News [Zero-day] CVE-2024-49415 (CVSS score: 8.1) is an out-of-bounds write issue in the saped_rec function of the libsaped.so library, a library of C2 media service responsible for audio playback. It affected the Monkey's Audio (APE) decoder used in Samsung's flagship Galaxy S23 and S24 devices running Android versions 12, 13, and 14. “Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. The patch adds proper input validation,” read the advisory for the flaw released in December 2024 as part of Samsung's monthly security updates. How could the attack be performed? Natalie Silvanovich, a Google Project Zero researcher who identified and reported the vulnerability to Samsung on September 21, 2024, said that the attack could be carried out by sending a malicious audio file that does not require any user involvement (zero-click), making it potentially dangerous. The flaw occurred due to Samsung's handling of RCS (rich communication services) messages, specifically in how incoming audio messages are parsed and processed through the Google Messages app in Android. This setting is enabled by default on the Galaxy S23 and S24 models.
“The function saped_rec in libsaped.so writes to a dmabuf allocated by the C2 media service, which always appears to have size 0x120000. While the maximum blocksperframe value extracted by libsapedextractor is also limited to 0x120000, saped_rec can write up to 3 * blocksperframe bytes out, if the bytes per sample of the input is 24. This means that an APE file with a large blocksperframe size can substantially overflow this buffer,” Silvanovich wrote in her bug report. “Note that this is a fully remote (0-click) bug on the Samsung S24 if Google Messages is configured for RCS (the default configuration on this device), as the transcription service decodes incoming audio before a user interacts with the message for transcription purposes.” In a hypothetical attack scenario, an attacker can exploit the vulnerability by sending a specially crafted audio message on RCS-enabled devices, causing the device's media codec process (“samsung.software.media.c2”) to crash and open a way for further exploitation. In addition to the above flaw, Samsung’s December 2024 update also fixed another vulnerability: CVE-2024-49413 (CVSS score: 7.1), involving the SmartSwitch app. This flaw allowed local attackers to install malicious applications by exploiting insufficient cryptographic signature verification. While Samsung has fixed the flaws, it is recommended that users update their RCS-enabled devices with the latest security updates. Additionally, it is advisable to disable RCS in Google Messages to reduce the risk of zero-click exploits further.
Researchers at Google Project Zero on Friday disclosed a now-patched zero-click vulnerability that could allow remote attackers to execute arbitrary code on Samsung devices without any user interaction. The vulnerability tracked as CVE-2024
2025-01-11T21:03:20+00:00 https://www.techworm.net/2025/01/google-project-zero-zero-click-exploit-samsung-devices.html www.secnews.physaphae.fr/article.php?IdArticle=8636033 False Vulnerability,Threat,Mobile None 3.0000000000000000
Schneier on Security - American cryptologist and researcher Apps That Are Spying on Your Location
404 Media is reporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics: The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem—not code developed by the app creators themselves—this data collection is likely happening both without users' and even app developers' knowledge...
2025-01-10T16:27:17+00:00 https://www.schneier.com/blog/archives/2025/01/apps-that-are-spying-on-your-location.html www.secnews.physaphae.fr/article.php?IdArticle=8635691 False Hack,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. "Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote
2025-01-10T15:17:00+00:00 https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html www.secnews.physaphae.fr/article.php?IdArticle=8635588 False Vulnerability,Threat,Mobile None 3.0000000000000000
We Live Security - Antivirus software vendor ESET Crypto is soaring, but so are threats: Here's how to keep your wallet safe As detections of cryptostealers surge across Windows, Android and macOS, it's time for a refresher on how to keep your bitcoin or other crypto safe
2025-01-09T10:00:00+00:00 https://www.welivesecurity.com/en/cybersecurity/crypto-soaring-threats-how-keep-wallet-safe/ www.secnews.physaphae.fr/article.php?IdArticle=8648713 False Mobile None 2.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Android patches several vulnerabilities in first security update of 2025 The bulletin identifies five critical remote code execution (RCE) vulnerabilities affecting the core components of Android's system.
2025-01-07T15:40:28+00:00 https://cyberscoop.com/android-security-update-january-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8634557 False Vulnerability,Mobile None 3.0000000000000000
Dark Reading - Informationweek Branch FireScam Android Spyware Campaign Poses 'Significant Threat Worldwide' A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.
2025-01-06T21:12:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/firescam-android-spyware-campaign-significant-threat-worldwide www.secnews.physaphae.fr/article.php?IdArticle=8634261 False Malware,Threat,Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore – a popular app store in the Russian Federation,"
2025-01-06T16:40:00+00:00 https://thehackernews.com/2025/01/firescam-android-malware-poses-as.html www.secnews.physaphae.fr/article.php?IdArticle=8634095 False Malware,Mobile None 3.0000000000000000
The Register - English journalism site FireScam infostealer poses as Telegram Premium app to surveil Android devices Once installed, it helps itself to your data like it's a free buffet Android malware dubbed FireScam tricks people into thinking they are downloading a Telegram Premium application that stealthily monitors victims' notifications, text messages, and app activity, while stealing sensitive information via Firebase services.…
2025-01-06T16:31:14+00:00 https://go.theregister.com/feed/www.theregister.com/2025/01/06/firescam_android_malware/ www.secnews.physaphae.fr/article.php?IdArticle=8634178 False Malware,Mobile None 3.0000000000000000
Global Security Mag - French news site Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of July 2023, analyzed on 06/07/2023 Security Vulnerability
An attacker can use several vulnerabilities of Google Android | Pixel. - Security Vulnerability
2025-01-06T14:10:10+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiple-vulnerabilities-if-july-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8634432 False Vulnerability,Mobile None 2.0000000000000000
Global Security Mag - French news site Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of July 2023, analyzed on 06/07/2023 Vulnerabilities
An attacker can use several vulnerabilities of Google Android | Pixel. - Vulnerabilities
2025-01-06T14:10:10+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiples-vulnerabilites-de-juillet-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8634433 False Mobile None 2.0000000000000000
InformationSecurityBuzzNews - Security news site FireScam Malware Campaign Highlights Rising Threat to Mobile Users The ubiquity of mobile applications has created a perfect storm for bad actors, offering ample opportunities to exploit unsuspecting users. One of the latest instances is FireScam, a sophisticated malware that targets Android devices. Disguised as a fake “Telegram Premium” app, FireScam uses phishing websites to lure victims into downloading malware that infects their devices [...]
2025-01-06T03:38:52+00:00 https://informationsecuritybuzz.com/firescam-malware-threat-to-mobile-user/ www.secnews.physaphae.fr/article.php?IdArticle=8633966 False Malware,Threat,Mobile None 3.0000000000000000
HackRead - Chercher Cyber New FireScam Infostealer Spyware Hits Android via Fake Telegram Premium Researchers at Cyfirma have discovered FireScam, an Android malware disguised as 'Telegram Premium' that steals data, monitors activity, and infiltrates devices. Learn about its distribution, functionality, and the impact on user privacy.
2025-01-04T13:00:00+00:00 https://hackread.com/firescam-infostealer-spyware-android-fake-telegram-premium/ www.secnews.physaphae.fr/article.php?IdArticle=8633449 False Malware,Mobile None 3.0000000000000000
Bleeping Computer - American magazine New FireScam Android data-theft malware poses as Telegram Premium app A new Android malware named 'FireScam' is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimic the RuStore, Russia's app market for mobile devices. [...]
2025-01-04T10:16:26+00:00 https://www.bleepingcomputer.com/news/security/new-firescam-android-data-theft-malware-poses-as-telegram-premium-app/ www.secnews.physaphae.fr/article.php?IdArticle=8633668 False Malware,Mobile None 3.0000000000000000
The Register - English journalism site Amazon worker – struck and shot in New Orleans terror attack – initially denied time off Web giant now pledges full support A warehouse worker at an Amazon facility in Mobile, Alabama, who was struck by a truck and shot in the New Orleans New Year's Day deadly terror attack, was initially denied medical leave by the internet mega-giant, possibly due to an HR mix-up.…
2025-01-04T01:30:10+00:00 https://go.theregister.com/feed/www.theregister.com/2025/01/04/amazon_worker_health/ www.secnews.physaphae.fr/article.php?IdArticle=8633288 False Mobile,Medical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant. The development was first reported by Reuters.
The settlement applies to U.S.-based individuals current or former owners or purchasers of a Siri-enabled device who had their confidential voice communications with the
2025-01-03T11:13:00+00:00 https://thehackernews.com/2025/01/apple-to-pay-siri-users-20-per-device.html www.secnews.physaphae.fr/article.php?IdArticle=8632983 False Mobile None 4.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine DDoS Disrupts Japanese Mobile Giant Docomo Docomo has revealed a DDoS attack on Thursday took down key services
2025-01-03T11:10:00+00:00 https://www.infosecurity-magazine.com/news/ddos-disrupts-japanese-mobile/ www.secnews.physaphae.fr/article.php?IdArticle=8633080 False Mobile None 4.0000000000000000
Recorded Future - Recorded Future feed Japan's largest mobile carrier says cyberattack disrupted some services Tokyo-based mobile carrier NTT Docomo said some of its web systems were disrupted by a distributed denial-of-service (DDoS) attack.
2025-01-02T16:21:26+00:00 https://therecord.media/ntt-docomo-japan-mobile-carrier-ddos-incident www.secnews.physaphae.fr/article.php?IdArticle=8632790 False Mobile None 3.0000000000000000
Global Security Mag - French news site Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of April 2024, analyzed on 01/04/2024 Vulnerabilities
An attacker can use several vulnerabilities of Google Android | Pixel. - Vulnerabilities
2025-01-01T21:26:40+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiples-vulnerabilites-d-avril-2024-analyse.html www.secnews.physaphae.fr/article.php?IdArticle=8632512 False Mobile None 2.0000000000000000
Global Security Mag - Site de news francais Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of April 2024, analyzed on 01/04/2024 Security Vulnerability
An attacker can use several vulnerabilities of Google Android | Pixel. - Security Vulnerability]]>
2025-01-01T21:26:40+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiple-vulnerabilities-of-april-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8632511 False Vulnerability,Mobile None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Inside FireScam: An Information Stealer with Spyware Capabilities ## Snapshot FireScam is a sophisticated Android malware distributed via phishing websites hosted on GitHub.io. ## Description Posing as a “Telegram Premium” app, it mimics the RuStore app store to trick users into downloading a malicious APK dropper. Once installed, FireScam initiates a multi-stage infection process, deploying spyware that surveils the device extensively. It exfiltrates sensitive data, including messages, notifications, and e-commerce transactions, to Firebase Realtime Database endpoints. Key capabilities of FireScam include monitoring notifications across multiple apps, capturing clipboard content, and logging device activity, such as screen state changes and user engagement. The malware also employs obfuscation techniques and sandbox detection mechanisms to evade security tools, ensuring persistence on compromised devices. Additionally, it utilizes Firebase for command-and-control communication and data exfiltration, further obscuring its malicious activities. FireScam exploits dynamic broadcast receivers and permissions to gain backdoor access to sensitive device events. 
Its phishing website delivers a realistic Tel]]> 2024-12-31T20:28:31+00:00 https://community.riskiq.com/article/01d83d9e www.secnews.physaphae.fr/article.php?IdArticle=8632163 False Malware,Tool,Threat,Mobile None 3.0000000000000000 ProofPoint - Cyber Firms Why MFA is Good, but Not Good Enough: The Need for Defense-in-Depth to Combat MFA Bypass 2024-12-30T13:22:42+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/why-mfa-good-not-good-enough-need-defense-depth-combat-mfa-bypass www.secnews.physaphae.fr/article.php?IdArticle=8631659 False Tool,Vulnerability,Threat,Mobile,Cloud None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine ICO Warns of Mobile Phone Festive Privacy Snafu The Information Commissioner\'s Office has warned that millions of Brits don\'t know how to erase personal data from their old devices]]> 2024-12-23T09:30:00+00:00 https://www.infosecurity-magazine.com/news/ico-warns-festive-mobile-phone/ www.secnews.physaphae.fr/article.php?IdArticle=8629045 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) WikiKit AiTM Phishing Kit: Where Links Tell Lies 2024-12-20T18:52:43+00:00 https://community.riskiq.com/article/81b47d0d www.secnews.physaphae.fr/article.php?IdArticle=8628075 True Spam,Malware,Tool,Threat,Mobile,Medical None 3.0000000000000000 Wired Threat Level - Security News Use the \\'Anti-AI\\' Camera Apps Zerocam and Hallide to Keep Your Photos Looking More Natural It\'s still possible to just take normal-looking photos. 
Use these apps for Android and iOS to give your phone\'s camera a more natural eye.]]> 2024-12-20T10:00:00+00:00 https://www.wired.com/story/zerocam-hallide-anti-ai-camera-apps-for-better-smartphone-photos/ www.secnews.physaphae.fr/article.php?IdArticle=8627884 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces 2024-12-20T01:01:31+00:00 https://community.riskiq.com/article/ff7a63bc www.secnews.physaphae.fr/article.php?IdArticle=8627768 False Spam,Malware,Tool,Threat,Mobile,Cloud,Technical None 2.0000000000000000 Bleeping Computer - Magazine Américain BadBox malware botnet infects 192,000 Android devices despite disruption The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...]]]> 2024-12-19T17:01:58+00:00 https://www.bleepingcomputer.com/news/security/badbox-malware-botnet-infects-192-000-android-devices-despite-disruption/ www.secnews.physaphae.fr/article.php?IdArticle=8627685 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless. 
Users who visit the]]> 2024-12-19T14:10:00+00:00 https://thehackernews.com/2024/12/uac-0125-abuses-cloudflare-workers-to.html www.secnews.physaphae.fr/article.php?IdArticle=8627441 False Malware,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Android malware found on Amazon Appstore disguised as health app A malicious Android spyware application named \'BMI CalculationVsn\' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...]]]> 2024-12-19T13:59:26+00:00 https://www.bleepingcomputer.com/news/security/android-spyware-found-on-amazon-appstore-disguised-as-health-app/ www.secnews.physaphae.fr/article.php?IdArticle=8627629 False Malware,Tool,Mobile None 2.0000000000000000 HackRead - Chercher Cyber New Mobile Phishing Targets Executives with Fake DocuSign Links Cybercriminals are using advanced techniques to target executives with mobile-specific phishing attacks.]]> 2024-12-19T12:48:17+00:00 https://hackread.com/mobile-phishing-executives-fake-docusign-links/ www.secnews.physaphae.fr/article.php?IdArticle=8627497 False Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future CISA urges senior government officials to lock down mobile devices amid ongoing Salt Typhoon breach A 5-page advisory provided troves of guidance for both Apple and Android users, urging all “highly targeted individuals” to rely on the “consistent use of end-to-end encryption.”]]> 2024-12-18T21:04:15+00:00 https://therecord.media/cisa-urges-senior-officials-to-lock-down-devices-salt-typhoon www.secnews.physaphae.fr/article.php?IdArticle=8627224 False Mobile None 2.0000000000000000 Zimperium - cyber risk firms for mobile Mobile Spear Phishing Targets Executive Teams Over the past few months, enterprises have observed a pattern of sophisticated spearphishing attempts targeting their executives, with some specifically targeting their mobile devices. 
Our blog shares the details.
]]>
2024-12-18T20:06:19+00:00 https://www.zimperium.com/blog/mobile-spear-phishing-targets-executive-teams/ www.secnews.physaphae.fr/article.php?IdArticle=8627223 False Mobile None 3.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber CISA pushes guide for high-value targets to secure mobile devices The guide comes as the government continues to deal with the fallout of the Salt Typhoon hack.
]]>
2024-12-18T19:13:34+00:00 https://cyberscoop.com/cisa-mobile-security-best-practices-salt-typhoon/ www.secnews.physaphae.fr/article.php?IdArticle=8627197 False Hack,Mobile None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Hidden in Plain Sight: TA397\'s New Attack Chain Delivers Espionage RATs 2024-12-18T18:56:30+00:00 https://community.riskiq.com/article/4098d913 www.secnews.physaphae.fr/article.php?IdArticle=8627194 True Ransomware,Malware,Tool,Threat,Mobile,Industrial None 3.0000000000000000 Krebs on Security - Chercheur Américain How to Lose a Fortune with Just One Bad Click Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click "yes" to a Google prompt on his mobile device.]]> 2024-12-18T13:17:59+00:00 https://krebsonsecurity.com/2024/12/how-to-lose-a-fortune-with-just-one-bad-click/ www.secnews.physaphae.fr/article.php?IdArticle=8627062 False Mobile None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite How SASE Addresses Enterprise Network Challenges Unified Security and Network Performance The proliferation of remote work, cloud services, and mobile devices has expanded the traditional network perimeter, introducing complexities in ensuring secure and efficient access to resources and the need to defend against web-based threats. All of this presents challenges to balancing flexibility, security, and performance. Enter Secure Access Service Edge (SASE), a transformative framework that converges networking and security into a unified, cloud-native service. SASE integrates wide-area networking (WAN) capabilities with comprehensive security services-such as Secure Web Gateway (SWG), Firewall as a Service (FWaaS), Zero Trust Network Access (ZTNA), and more -into a single, cloud-delivered […]
]]>
2024-12-18T13:00:03+00:00 https://blog.checkpoint.com/harmony-sase/how-sase-addresses-enterprise-network-challenges/ www.secnews.physaphae.fr/article.php?IdArticle=8627040 False Mobile,Cloud None 2.0000000000000000
Global Security Mag - Site de news francais Appdome announced that the Appdome Mobile Defense Platform now protects applications running on mobile-enabled platforms Product Reviews
Appdome Announces Broader Device and System Coverage to Protect the Mobile Economy's Future New Defenses Empower Mobile Businesses to Securely Extend their Offerings to New Mobile-Enabled VR, AR, TV, Automotive and PC Platforms - Product Reviews]]>
2024-12-17T15:20:40+00:00 https://www.globalsecuritymag.fr/appdome-announced-that-the-appdome-mobile-defense-platform-now-protects.html www.secnews.physaphae.fr/article.php?IdArticle=8626626 False Mobile None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 16 December 2024 2024-12-16T12:50:03+00:00 https://community.riskiq.com/article/8d1747e7 www.secnews.physaphae.fr/article.php?IdArticle=8626055 False Ransomware,Malware,Tool,Vulnerability,Threat,Legislation,Mobile,Industrial,Prediction,Cloud APT C 60 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Amnesty Accuses Serbia of Tracking Journalists and Activists with Spyware The Serbian authorities have been using advanced mobile forensics products made by Israeli firm Cellebrite to extract data from mobile devices illegally]]> 2024-12-16T12:15:00+00:00 https://www.infosecurity-magazine.com/news/amnesty-accuses-serbia-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8626038 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain New Android NoviSpy spyware linked to Qualcomm zero-day bugs The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named \'NoviSpy,\' used to spy on activists, journalists, and protestors. [...]]]> 2024-12-16T10:06:16+00:00 https://www.bleepingcomputer.com/news/security/new-android-novispy-spyware-linked-to-qualcomm-zero-day-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8626085 False Vulnerability,Threat,Mobile None 2.0000000000000000 Amensty International - International Orgs Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists This press release is also available in Serbian “Srbija: Vlasti koriste špijunske softvere i forenzičke alate kompanije Cellebrite za hakovanje novinara i aktivista“. Serbian police and intelligence authorities are using advanced phone spyware alongside mobile phone forensic products to unlawfully target journalists, environmental activists and other individuals in a covert surveillance campaign, a new Amnesty […]
]]>
2024-12-16T06:00:00+00:00 https://securitylab.amnesty.org/latest/2024/12/serbia-a-digital-prison-spyware-and-cellebrite-used-on-journalists-and-activists/ www.secnews.physaphae.fr/article.php?IdArticle=8625865 False Hack,Tool,Legislation,Mobile None 4.0000000000000000
Amnesty International - International Orgs Tech Guide: Detecting NoviSpy spyware with AndroidQF and the Mobile Verification Toolkit (MVT) This is a companion blogpost to our report “A Digital Prison” – Surveillance and the Suppression of Civil Society in Serbia. Amnesty Security Lab has published Indicators of Compromise (IOCs) for the NoviSpy spyware application. This tutorial explains how to use AndroidQF Android Quick Forensics (androidqf) and Mobile Verification Toolkit (MVT) to examine an Android […] ]]>
2024-12-16T06:00:00+00:00 https://securitylab.amnesty.org/latest/2024/12/tech-guide-detecting-novispy-spyware-with-androidqf-and-the-mobile-verification-toolkit-mvt/ www.secnews.physaphae.fr/article.php?IdArticle=8651217 False Mobile None 3.0000000000000000
ProjectZero - Blog de recherche Google The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit here. Thanks to both Amnesty International and Google's Threat Analysis Group for providing the artifacts and collaborating on the subsequent technical analysis! Introduction: Earlier this year, Google's TAG received some kernel panic logs generated by an In-the-Wild (ITW) exploit. Those logs kicked off a bug hunt that led to the discovery of 6 vulnerabilities in one Qualcomm driver over the course of 2.5 months, including one issue that TAG reported as ITW. This blog post covers the details of the original artifacts, each of the bugs discovered, and the hypothesized ITW exploit strategy gleaned from the logs. Artifacts: Usually when successfully reverse-engineering an ITW exploit, Project Zero/TAG have had access to the exploit sample itself, making determining what vulnerability was exploited primarily a matter of time and effort. However, in this particular case, we received several kernel panic logs but unfortunately not the exploit sample. This meant we could not directly reproduce crashes or reverse engineer what bug was being exploited. Accurately determining what vulnerability an exploit uses working only off of crash logs and without the exploit itself can range in difficulty from highly plausible to impossible. I decided to give it a try and see what I could learn.
Out of the 6 panics we received, 4 panics in particular contained potentially useful information:Log 1:[   47.223480] adsprpc: fastrpc_init_process: untrusted app trying to attach to privileged DSP PD[   47.254494] adsprpc: mapping not found to unmap fd 0xffffffff, va ]]> 2024-12-15T22:11:23+00:00 https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8625888 False Vulnerability,Threat,Mobile,Technical None 3.0000000000000000 TechRepublic - Security News US Google\\'s Android XR May Usher in New Generation of Smart Glasses Developers can try out the Android XR SDK now. Samsung has announced one upcoming set of glasses using the new OS.]]> 2024-12-13T18:15:29+00:00 https://www.techrepublic.com/article/google-android-xr/ www.secnews.physaphae.fr/article.php?IdArticle=8624718 False Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future Germany cuts hacker access to 30,000 devices infected with BadBox malware Germany\'s Federal Office for Information Security (BSI) blocked communication between the infected devices - which are typically Android products such as smartphones, tablets and streaming boxes sold through online retailers or resale sites - and the criminals\' control servers.]]> 2024-12-13T15:35:43+00:00 https://therecord.media/germany-hacker-access-malware-cut www.secnews.physaphae.fr/article.php?IdArticle=8624624 False Malware,Mobile None 2.0000000000000000 The Register - Site journalistique Anglais Android beefs up Bluetooth tag stalker protections Wider ecosystem still has work to do, though Google is rolling out two new features to help Android users evade stalkers who abuse Bluetooth tags to surreptitious track them.…]]> 2024-12-13T15:03:07+00:00 https://go.theregister.com/feed/www.theregister.com/2024/12/13/creeps_beware_android_beefs_up/ www.secnews.physaphae.fr/article.php?IdArticle=8624597 False Mobile None 2.0000000000000000 Bleeping 
Computer - Magazine Américain Russian cyberspies target Android users with new spyware Russian cyberspies Gamaredon has been discovered using two Android spyware families named \'BoneSpy\' and \'PlainGnome\' to spy on and steal data from mobile devices. [...]]]> 2024-12-13T12:43:23+00:00 https://www.bleepingcomputer.com/news/security/russian-gamaredon-cyberspies-target-android-users-with-new-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8624677 False Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Russian APT Gamaredon Deploys New Mobile Spyware Targeting Former Soviet States 2024-12-13T12:29:31+00:00 https://community.riskiq.com/article/34cc78dd www.secnews.physaphae.fr/article.php?IdArticle=8624570 False Malware,Tool,Threat,Legislation,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Germany blocks BadBox malware loaded on 30,000 Android devices Germany\'s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. 
[...]]]> 2024-12-13T10:22:05+00:00 https://www.bleepingcomputer.com/news/security/germany-blocks-badbox-malware-loaded-on-30-000-android-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8624678 False Malware,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch \\'Dubai Police\\' Lures Anchor Wave of UAE Mobile Attacks A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore.]]> 2024-12-13T07:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/dubai-police-lures-uae-mobile-attacks www.secnews.physaphae.fr/article.php?IdArticle=8624423 False Legislation,Mobile None 3.0000000000000000 McAfee Labs - Editeur Logiciel A New Android Banking Trojan Masquerades as Utility and Banking Apps in India Authored by Dexter Shin Over the years, cyber threats targeting Android devices have become more sophisticated and persistent. Recently, McAfee...
]]>
2024-12-12T23:07:26+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/a-new-android-banking-trojan-masquerades-as-utility-and-banking-apps-in-india/ www.secnews.physaphae.fr/article.php?IdArticle=8624264 False Mobile None 3.0000000000000000
Dark Reading - Informationweek Branch Chinese Cops Caught Using Android Spyware to Track Mobile Devices Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows.]]> 2024-12-12T21:21:31+00:00 https://www.darkreading.com/cyberattacks-data-breaches/chinese-cops-using-android-spyware-track-mobile-devices www.secnews.physaphae.fr/article.php?IdArticle=8624242 False Tool,Legislation,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus 2024-12-12T20:36:12+00:00 https://community.riskiq.com/article/2b3cb06d www.secnews.physaphae.fr/article.php?IdArticle=8624235 False Malware,Tool,Threat,Legislation,Mobile APT 15 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. 
"Both]]> 2024-12-12T19:05:00+00:00 https://thehackernews.com/2024/12/gamaredon-deploys-android-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8624074 False Malware,Tool,Threat,Mobile None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Google steps into “extended reality” once again with Android XR No pricing or availability, but there\'s new competition in headsets and glasses.]]> 2024-12-12T18:18:32+00:00 https://arstechnica.com/gadgets/2024/12/google-steps-into-extended-reality-once-again-with-android-xr/ www.secnews.physaphae.fr/article.php?IdArticle=8624189 False Mobile None 3.0000000000000000 knowbe4 - cybersecurity services Mobile Phishing Campaign Targets Job Seekers Mobile Phishing Campaign Targets Job Seekers ]]> 2024-12-12T16:39:42+00:00 https://blog.knowbe4.com/mobile-phishing-campaign-targets-job-seekers www.secnews.physaphae.fr/article.php?IdArticle=8624118 False Mobile None 2.0000000000000000 Wired Threat Level - Security News Hands On With Google\\'s Gemini-Powered Smart Glasses, Android XR, and Project Moohan Headset Google has new smart glasses, as well as a mixed-reality headset developed with Samsung. Both are powered by Gemini, both run a new version of Android, and both are due in 2025. 
I got to try them on.]]> 2024-12-12T16:00:00+00:00 https://www.wired.com/story/google-android-xr-demo-smart-glasses-mixed-reality-headset-project-moohan/ www.secnews.physaphae.fr/article.php?IdArticle=8624095 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Securing Mobile Devices and Apps: Critical Operational Resilience in Airlines Our blog is sharing the five biggest mobile security threats your business needs to be aware of ]]> 2024-12-12T12:00:00+00:00 https://www.zimperium.com/blog/securing-mobile-devices-and-apps-critical-operational-resilience-in-airlines/ www.secnews.physaphae.fr/article.php?IdArticle=8623986 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017 Cybersecurity researchers have discovered a novel surveillance program that\'s suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices. The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform as recently as]]> 2024-12-11T16:32:00+00:00 https://thehackernews.com/2024/12/chinese-eaglemsgspy-spyware-found.html www.secnews.physaphae.fr/article.php?IdArticle=8623430 False Malware,Tool,Legislation,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain New EagleMsgSpy Android spyware used by Chinese police, researchers say A previously undocumented Android spyware called \'EagleMsgSpy\' has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. 
[...]]]> 2024-12-11T16:03:24+00:00 https://www.bleepingcomputer.com/news/security/new-eaglemsgspy-android-spyware-used-by-chinese-police-researchers-say/ www.secnews.physaphae.fr/article.php?IdArticle=8623642 False Legislation,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Opera improves its built-in ad blocker on Android Products
Opera boosts its ad blocker on Android with new privacy modes, more efficiency and customization - Products]]>
2024-12-11T09:22:28+00:00 https://www.globalsecuritymag.fr/opera-ameliore-son-bloqueur-de-publicites-integre-sur-android.html www.secnews.physaphae.fr/article.php?IdArticle=8623347 False Mobile None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs Vishnu Pratapagiri researcher said in a new report. "As part of their fraudulent hiring process, the]]> 2024-12-10T19:43:00+00:00 https://thehackernews.com/2024/12/fake-recruiters-distribute-banking.html www.secnews.physaphae.fr/article.php?IdArticle=8622896 False Mobile None 3.0000000000000000 HackRead - Chercher Cyber Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails SUMMARY AppLite banking trojan is a newly discovered stealthy mobile malware threat targeting mobile devices. Learn about its…]]> 2024-12-10T14:57:28+00:00 https://hackread.com/hackers-job-seekers-banking-trojan-fake-job-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8622892 False Malware,Threat,Mobile None 3.0000000000000000 UnderNews - Site de news "pirate" francais AppLite, a new mishing campaign targeting job seekers' mobile devices Zimperium's zLabs research team has just identified AppLite, a mishing attack that installs banking trojans on job seekers' Android mobile devices. The global leader in mobile security warns about this extremely sophisticated cyber-scam, which exploits victims' trust and vulnerability and enables a wide range of malicious actions, […] The post AppLite, a new mishing campaign targeting job seekers' mobile devices first appeared on UnderNews.]]>
2024-12-10T14:44:41+00:00 https://www.undernews.fr/reseau-securite/phishing-hoax/applite-une-nouvelle-campagne-de-mishing-ciblant-les-appareils-mobiles-des-demandeurs-demploi.html www.secnews.physaphae.fr/article.php?IdArticle=8622884 False Mobile None 2.0000000000000000
Zimperium - cyber risk firms for mobile AppLite: A New AntiDot Variant Targeting Mobile Employee Devices Our zLabs team has identified an extremely sophisticated mishing (mobile-targeted phishing) campaign that delivers malware to the user\'s Android mobile device enabling a broad set of malicious actions including credential theft of banking, cryptocurrency and other critical applications. 
]]>
2024-12-10T14:00:00+00:00 https://www.zimperium.com/blog/applite-a-new-antidot-variant-targeting-mobile-employee-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8622858 False Malware,Mobile None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine New AppLite Malware Targets Banking Apps in Phishing Campaign New AppLite Banker malware targets Android devices, employing advanced phishing techniques to steal credentials and data]]> 2024-12-10T14:00:00+00:00 https://www.infosecurity-magazine.com/news/applite-malware-targets-banking/ www.secnews.physaphae.fr/article.php?IdArticle=8622860 False Malware,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 9 December 2024 2024-12-09T12:22:03+00:00 https://community.riskiq.com/article/86d339a0 www.secnews.physaphae.fr/article.php?IdArticle=8622260 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Industrial,Prediction APT 45 3.0000000000000000 HackRead - Chercher Cyber New DroidBot Android Spyware Targeting Banking and Crypto Users DroidBot, a sophisticated Android RAT, is targeting individuals and financial institutions across Europe.]]> 2024-12-07T13:45:36+00:00 https://hackread.com/droidbot-android-spyware-hit-banking-crypto-users/ www.secnews.physaphae.fr/article.php?IdArticle=8621214 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of Toronto\'s Citizen Lab. 
"The spyware placed on his device allows the operator to track a target device\'s]]> 2024-12-06T21:45:00+00:00 https://thehackernews.com/2024/12/fsb-uses-trojan-app-to-monitor-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8620743 False Mobile None 3.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé How to delete emails at once on an Android phone 2024-12-06T14:54:06+00:00 https://blog.incogni.com/delete-multiple-emails-on-android/ www.secnews.physaphae.fr/article.php?IdArticle=8620692 False Mobile None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Detecting Pegasus Infections This tool seems to do a pretty good job. The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise. But the company also offers a free version of the feature for anyone who downloads the iVerify Basics app for $1. These users can walk through steps to generate and send a special diagnostic utility file to iVerify and receive analysis within hours. Free users can use the tool once a month. iVerify’s infrastructure is built to be privacy-preserving, but to run the Mobile Threat Hunting feature, users must enter an email address so the company has a way to contact them if a scan turns up spyware—as it did in the seven recent Pegasus discoveries...
2024-12-06T12:09:12+00:00 https://www.schneier.com/blog/archives/2024/12/detecting-pegasus-infections.html www.secnews.physaphae.fr/article.php?IdArticle=8620625 False Malware,Tool,Threat,Mobile None 3.0000000000000000
Global Security Mag - French news site Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of June 2023, analyzed on 06/06/2023 Vulnerabilities
An attacker can use several vulnerabilities of Google Android | Pixel. - Vulnerabilities
2024-12-06T11:02:31+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiples-vulnerabilites-de-juin-2023-analyse.html www.secnews.physaphae.fr/article.php?IdArticle=8620543 False Mobile None 1.00000000000000000000
Global Security Mag - French news site Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of June 2023, analyzed on 06/06/2023 Security Vulnerability
An attacker can use several vulnerabilities of Google Android | Pixel. - Security Vulnerability
2024-12-06T11:02:31+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiple-vulnerabilities-of-june-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8620604 False Vulnerability,Mobile None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur's Multi-Platform Attacks 2024-12-05T23:21:01+00:00 https://community.riskiq.com/article/699406a4 www.secnews.physaphae.fr/article.php?IdArticle=8620355 False Malware,Vulnerability,Threat,Mobile,Prediction None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring," Cleafy researchers Simone Mattia, Alessandro 2024-12-05T21:28:00+00:00 https://thehackernews.com/2024/12/this-3000-android-trojan-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8620161 False Mobile None 3.0000000000000000
Dark Reading - Informationweek Branch Trojan-as-a-Service Hits Euro Banks, Crypto Exchanges At least 17 affiliate groups have used the "DroidBot" Android banking Trojan against 77 financial services companies across Europe, with more to come, researchers warn. 2024-12-05T20:49:12+00:00 https://www.darkreading.com/threat-intelligence/trojan-service-hits-euro-banks-crypto-exchanges www.secnews.physaphae.fr/article.php?IdArticle=8620263 False Mobile None 2.0000000000000000
Zimperium - cyber risk firms for mobile Top 5 Mobile Security Risks for Enterprises Our blog is sharing the five biggest mobile security threats your business needs to be aware of
2024-12-05T19:15:08+00:00 https://www.zimperium.com/blog/top-5-mobile-security-risks-for-enterprises/ www.secnews.physaphae.fr/article.php?IdArticle=8620236 False Mobile None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor A previously undocumented threat activity cluster dubbed Earth Minotaur is leveraging the MOONSHINE exploit kit and an unreported Android-cum-Windows backdoor called DarkNimbus to facilitate long-term surveillance operations targeting Tibetans and Uyghurs. "Earth Minotaur uses MOONSHINE to deliver the DarkNimbus backdoor to Android and Windows devices, targeting WeChat, and possibly making it a 2024-12-05T18:13:00+00:00 https://thehackernews.com/2024/12/hackers-target-uyghurs-and-tibetans.html www.secnews.physaphae.fr/article.php?IdArticle=8620079 False Threat,Mobile None 3.0000000000000000
Wired Threat Level - Security News Android Is Now Using AI to Upgrade Your Phone's Closed Captions Google is rolling out new features for Android and Pixel devices, including a new memory capability for Gemini and the ability to generate expressive captions for nonspoken audio elements in videos. 2024-12-05T17:00:00+00:00 https://www.wired.com/story/android-pixel-december-2024-software-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8620158 False Mobile None 2.0000000000000000
Mandiant - Mandiant's security blog Bridging the Gap: Elevating Red Team Assessments with Application Security Testing Executive Summary Whether through a comprehensive Red Team engagement or a targeted external assessment, incorporating application security (AppSec) expertise enables organizations to better simulate the tactics and techniques of modern adversaries. This includes: Leveraging minimal access for maximum impact: There is no need for high privilege escalation. Red Team objectives can often be achieved with limited access, highlighting the importance of securing all internet-facing assets.
Recognizing the potential of low-impact vulnerabilities through vulnerability chaining: Low- and medium-impact vulnerabilities can be exploited in combination to achieve significant impact. Developing your own exploits: Skilled adversaries or consultants will invest the time and resources to reverse-engineer and/or find zero-day vulnerabilities in the absence of public proof-of-concept exploits. Employing diverse skill sets: Red Team members should include individuals with a wide range of expertise, including AppSec. Fostering collaboration: Combining diverse skill sets can spark creativity and lead to more effective attack simulations. Integrating AppSec throughout the engagement: Offensive application security contributions can benefit Red Teams at every stage of the project. By embracing this approach, organizations can proactively defend against a constantly evolving threat landscape, ensuring a more robust and resilient security posture.
Introduction
In today's rapidly evolving threat landscape, organizations find themselves engaged in an ongoing arms race against increasingly sophisticated cyber criminals and nation-state actors. To stay ahead of these adversaries, many organizations turn to Red Team assessments, simulating real-world attacks to expose vulnerabilities before they are exploited. However, many traditional Red Team assessments typically prioritize attacking network and infrastructure components, often overlooking a critical aspect of modern attack surfaces: web applications. This gap hasn't gone unnoticed by cyber criminals. In recent years, industry reports consistently highlight the evolving trend of attackers exploiting public-facing application vulnerabilities as a primary entry point into organizations.
This aligns with Mandiant's observations of common tactics used by threat actors, as observed in our 2024 M-Trends Report 2024-12-05T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/red-team-application-security-testing/ www.secnews.physaphae.fr/article.php?IdArticle=8620098 False Tool,Vulnerability,Threat,Studies,Mobile,Prediction,Cloud,Commercial None 3.0000000000000000