This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T14:38:47+00:00 www.secnews.physaphae.fr ZD Net - Magazine Info Blackview\'s Mega 1 is an 11.5-inch Android 13 tablet with a 120Hz display, 256GB of storage, and 24GB of RAM. What\'s more, it comes at a great discount.]]> 2024-09-13T16:09:57+00:00 https://www.zdnet.com/article/i-love-everything-about-this-android-tablet-especially-the-price/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=8576188 False Mobile None 1.00000000000000000000 HackRead - Chercher Cyber A new Android malware called Trojan Ajina.Banker is targeting Central Asia – Discover how this malicious malware disguises…]]> 2024-09-13T15:58:42+00:00 https://hackread.com/android-malware-ajina-banker-steal-2fa-codes-telegram/ www.secnews.physaphae.fr/article.php?IdArticle=8576004 False Malware,Mobile None 2.0000000000000000 ZD Net - Magazine Info iPhone 16 preorders opened early, and I barely had time to grab coffee before the delivery dates slipped. Here\'s what I chose for my upgrade and why.]]> 2024-09-13T15:22:25+00:00 https://www.zdnet.com/article/i-maxed-out-my-iphone-16-pro-max-preorder-heres-how-much-it-cost-me/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=8576190 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The newest iPhone comes with a hardware-based security feature to better ensure user privacy.]]> 2024-09-13T15:09:51+00:00 https://www.zdnet.com/article/iphone-16-better-thwarts-hackers-who-try-to-use-the-camera-or-microphone-to-spy-on-you/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=8576191 False Mobile None 1.00000000000000000000 Recorded Future - FLux Recorded Future 2024-09-13T14:59:53+00:00 https://therecord.media/new-android-malware-banking-central-asia www.secnews.physaphae.fr/article.php?IdArticle=8575978 False Malware,Mobile None 2.0000000000000000 ZD Net - Magazine Info The CrowView Note lets you turn a supported phone, a Raspberry Pi, or a small form factor PC into a laptop… minus the mobile aspect.]]> 2024-09-13T14:56:24+00:00 https://www.zdnet.com/article/this-inexpensive-laptop-brings-back-a-buzzword-that-was-once-the-talk-of-the-tech-industry/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=8576193 False Mobile None 1.00000000000000000000 Zimperium - cyber risk firms for mobile Dans ce blog, nous plongeons dans les trois premiers dépenses de sécurité dissimulées associées au développement d'applications mobiles à faible code et explorons des stratégies pour les atténuer.

---

>In this blog, we delve into the top three concealed security expenses associated with low-code mobile app development and explore strategies to mitigate them. ]]> 2024-09-13T11:00:00+00:00 https://www.zimperium.com/blog/unlocking-the-hidden-costs-of-mobile-app-security-in-low-code-development/ www.secnews.physaphae.fr/article.php?IdArticle=8575865 False Mobile None 2.0000000000000000 IT Security Guru - Blog Sécurité Password management organisation Keeper Security has unveiled the addition of a passphrase generator to the Keeper platform for mobile. This new feature, now available on Android devices, is designed to help users create strong and unique credentials for their accounts, addressing the growing risks posed by sophisticated cyber threats. Passphrases on iOS will be available […] ]]> 2024-09-13T10:35:35+00:00 https://www.itsecurityguru.org/2024/09/13/keeper-security-expands-passphrase-generator-capability-to-mobile-devices/?utm_source=rss&utm_medium=rss&utm_campaign=keeper-security-expands-passphrase-generator-capability-to-mobile-devices www.secnews.physaphae.fr/article.php?IdArticle=8575863 False Mobile None 2.0000000000000000 SecurityWeek - Security News Doctor Web avertit que les nouveaux logiciels malveillants Android VO1D infectaient environ 1,3 million de boîtes de télévision exécutant des versions OS plus anciennes.

---

>Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions. ]]> 2024-09-13T09:30:00+00:00 https://www.securityweek.com/1-3-million-android-tv-boxes-infected-by-vo1d-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8575840 False Malware,Mobile None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Cybersecurity experts at Doctor Web have uncovered a massive malware campaign targeting Android-based TV boxes. Dubbed Android.Vo1d, the newly discovered malware has infected nearly 1.3 million devices across 197 countries, making it one of the most widespread infections of its kind. The malware acts as a backdoor, allowing attackers to secretly install third-party software on [...]]]> 2024-09-13T04:40:34+00:00 https://informationsecuritybuzz.com/android-tv-box-malware-voi-million-dev/ www.secnews.physaphae.fr/article.php?IdArticle=8575708 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages. Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels]]> 2024-09-12T21:42:00+00:00 https://thehackernews.com/2024/09/new-android-malware-ajinabanker-steals.html www.secnews.physaphae.fr/article.php?IdArticle=8575389 False Malware,Threat,Mobile None 3.0000000000000000 Contagio - Site d infos ransomware 2024-09-12 Ahnlab: SuperShell malware targeting Linux SSH serversSuperShell is a sophisticated backdoor malware targeting Linux SSH servers, written in the Go language, which allows cross-platform functionality on Linux, Windows, and Android. Created by a Chinese-speaking developer, it operates as a reverse shell, enabling attackers to execute commands remotely on the compromised systems. The attack begins with brute force and dictionary attacks against SSH servers, using weak credentials like "root/password" and "root/123456qwerty." Once access is gained, attackers execute a series of commands to download and install SuperShell, leveraging tools like wget, curl, tftp, and FTP, with download sources often hosted on compromised servers.SuperShell\'s obfuscation adds complexity, but it can still be identified through specific internal strings and its runtime behavior. The malware\'s installation process is versatile, targeting directories like /tmp, /var/run, /mnt, and /root, with commands often including clean-up actions to remove traces post-installation (rm -r *). Typically, the payload involves downloading a script or binary, which is then executed with elevated permissions using chmod +x followed by execution (./ssh1). This pattern is consistently observed across multiple commands, highlighting the malware\'s redundancy and persistence in ensuring successful deployment.Additionally, the attackers often deploy XMRig, a Monero cryptocurrency miner, alongside SuperShell, hinting at a dual-purpose attack: maintaining persistent control over the system while generating illicit cryptocurrency.  2023-03-13 Ahnlab: ShellBot Malware Being Distributed to Linux SSH ServersOn March 13, 2023, ASEC reported that ShellBot, a Perl-based DDoS bot, is actively targeting Linux SSH servers. The malware exploits weak SSH credentials through brute-force attacks, gaining access to deploy its payload. Once installed, ShellBot connects to a Command and Control (C&C) server via the IRC protocol, enabling attackers to issue commands, steal data, and launch DDoS attacks.Initial Access: Attackers scan for servers with open SSH ports (port 22) and use brute-force tools to guess weak or default credentials.Installation: After gaining access, ShellBot is deployed, often achieving persistence by modifying startup scripts or cron jobs.IRC Protocol: ShellBot uses the IRC protocol for C&C communication, allowing it to receive commands like executing remote tasks or launching DDoS attacks without needing a custom C&C infrastructure.Customization: ShellBot is highly customizable, with variants like "LiGhT\'s Modded perlbot v2" offering different capabilities and attack methods tailored by vari]]> 2024-09-12T21:22:50+00:00 https://contagiodump.blogspot.com/2024/09/2024-09-12-supershell-2023-03-13.html www.secnews.physaphae.fr/article.php?IdArticle=8575637 False Malware,Tool,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d (aka Void). "It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software," Russian antivirus]]> 2024-09-12T19:16:00+00:00 https://thehackernews.com/2024/09/beware-new-vo1d-malware-infects-13.html www.secnews.physaphae.fr/article.php?IdArticle=8575279 False Malware,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices. [...]]]> 2024-09-12T17:10:33+00:00 https://www.bleepingcomputer.com/news/security/new-vo1d-malware-infects-13-million-android-streaming-boxes/ www.secnews.physaphae.fr/article.php?IdArticle=8575636 False Malware,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain 2024-09-12T17:10:33+00:00 https://www.bleepingcomputer.com/news/security/new-vo1d-malware-infects-13-million-android-tv-streaming-boxes/ www.secnews.physaphae.fr/article.php?IdArticle=8575501 False Malware,Mobile None 2.0000000000000000 AhnLab - Korean Security Firm Android malware & # 038;Numéro de sécurité 2e semaine de septembre 2024 이 asec It.

---

ASEC Blog publishes “Android Malware & Security Issue 2st Week of September, 2024” 게시물 Android Malware & Security Issue 2st Week of September, 2024이 ASEC에 처음 등장했습니다.]]> 2024-09-12T15:00:00+00:00 https://asec.ahnlab.com/en/83196/ www.secnews.physaphae.fr/article.php?IdArticle=8575786 False Malware,Mobile None 2.0000000000000000 AhnLab - Korean Security Firm Présentation Microsoft (https://www.microsoft.com) a publié une mise à jour de sécurité qui corrige les vulnérabilités des produits fournis.Il est conseillé aux utilisateurs de produits affectés de mettre à jour la dernière version.& # 160;Produits affectés & # 160;CVE-2024-38222, CVE-2024-38207, CVE-2024-41879 Microsoft Edge 128.0.6613.84/.85 (basé sur le chrome) Versions précédentes & # 160;CVE-2024-38208 Microsoft Edge pour Android 128.0.6613.84/.85 (basé sur le chrome) Versions précédentes & # 160;CVE-2024-43472 Microsoft Edge [& # 8230;] Post microsOft Edge Browser Security Update Advisory 이 asec It.

---

>Overview Microsoft (https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has supplied. Users of affected products are advised to update to the latest version.   Affected Products   CVE-2024-38222, CVE-2024-38207, CVE-2024-41879 Microsoft Edge 128.0.6613.84/.85 (Chromium-based) previous versions   CVE-2024-38208 Microsoft Edge for Android 128.0.6613.84/.85 (Chromium-based) previous versions   CVE-2024-43472 Microsoft Edge […] 게시물 Microsoft Edge browser security update advisory이 ASEC에 처음 등장했습니다.]]> 2024-09-12T15:00:00+00:00 https://asec.ahnlab.com/en/83198/ www.secnews.physaphae.fr/article.php?IdArticle=8575839 False Vulnerability,Mobile None 2.0000000000000000 TroyHunt - Blog Security These augmented reality sunglasses work with Apple, Android, and Garmin]]> 2024-09-12T13:07:33+00:00 https://arstechnica.com/?p=2047555 www.secnews.physaphae.fr/article.php?IdArticle=8575274 False Mobile None 1.00000000000000000000 UnderNews - Site de news "pirate" francais Zimperium, le leader mondial de la sécurité mobile, a découvert de nouvelles informations sur la campagne de malwares Gigabud, en la reliant au célèbre RAT Android Spynote. La dernière analyse du zLabs de Zimperium révèle que cette campagne mondiale coordonnée s’appuie sur des sites de phishing afin d'installer des applications financières mobiles malveillantes. Tribune – […] The post Zimperium détecte une campagne coordonnée de malwares mobiles ciblant les applications bancaires dans le monde entier first appeared on UnderNews.]]> 2024-09-12T12:59:15+00:00 https://www.undernews.fr/malwares-virus-antivirus/zimperium-detecte-une-campagne-coordonnee-de-malwares-mobiles-ciblant-les-applications-bancaires-dans-le-monde-entier.html www.secnews.physaphae.fr/article.php?IdArticle=8575238 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Malware Update]]> 2024-09-12T12:26:10+00:00 https://www.globalsecuritymag.fr/zimperium-identifies-coordinated-mobile-malware-campaign-targeting-banking-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8575249 False Malware,Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism "Select Play Partners" can block unofficial installation of their apps.]]> 2024-09-11T21:31:37+00:00 https://arstechnica.com/?p=2049138 www.secnews.physaphae.fr/article.php?IdArticle=8574865 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais mise à jour malveillant

---

Tested 50 popular Android apps: ask for too many dangerous permissions - Malware Update]]> 2024-09-11T12:36:28+00:00 https://www.globalsecuritymag.fr/tested-50-popular-android-apps-ask-for-too-many-dangerous-permissions.html www.secnews.physaphae.fr/article.php?IdArticle=8574582 False Mobile None 2.0000000000000000 Mandiant - Blog Sécu de Mandiant Like many countries across the globe, Mexico faces a cyber threat landscape made up of a complex interplay of global and local threats, with threat actors carrying out attempted intrusions into critical sectors of Mexican society. Mexico also faces threats posed by the worldwide increase in multifaceted extortion, as ransomware and data theft continue to rise. Threat actors with an array of motivations continue to seek opportunities to exploit the digital infrastructure that Mexicans rely on across all aspects of society. This joint blog brings together our collective understanding of the cyber threat landscape impacting Mexico, combining insights from Google\'s Threat Analysis Group (TAG) and Mandiant\'s frontline intelligence. By sharing our global perspective, especially during today\'s Google for Mexico event, we hope to enable greater resiliency in mitigating these threats. Cyber Espionage Operations Targeting Mexico As the 12th largest economy in the world, Mexico draws attention from cyber espionage actors from multiple nations, with targeting patterns mirroring broader priorities and focus areas that we see elsewhere. Since 2020, cyber espionage groups from more than 10 countries have targeted users in Mexico; however, more than 77% of government-backed phishing activity is concentrated among groups from the People\'s Republic of China (PRC), North Korea, and Russia. Figure 1: Government-backed phishing activity targeting Mexico, January 2020 – August 2024 The examples here highlight recent and historical examples where cyber espionage actors have targeted users and organizations in Mexico. It should be noted that these campaigns describe targeting and do not indicate successful compromise or exploitation. PRC Cyber Espionage Activity Targeting Mexico Since 2020, we have observed activity from seven cyber espionage groups with links to the PRC targeting users in Mexico, accounting for a third of government-backed phishing activity in the country. This volume of PRC cyber espionage is similar to activity in other regions where Chinese government investment has been focused, such as countries within China\'s Belt and Road Initiative. In addition to activity targeting Gmail users, PRC-backed groups have targeted Mexican government agencies, higher ]]> 2024-09-10T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-targeting-mexico/ www.secnews.physaphae.fr/article.php?IdArticle=8574054 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud,Commercial APT 28 2.0000000000000000 UnderNews - Site de news "pirate" francais Google a publié ses mises à jour de sécurité mensuelles pour le système d’exploitation Android afin de corriger une faille de sécurité connue qui, selon lui, est activement exploitée dans la nature. La vulnérabilité de haute gravité, suivie sous le numéro CVE-2024-32896 (score CVSS : 7,8), concerne un cas d’escalade de privilèges dans le composant […] The post Alerte sécurité Android : Mise à jour requise pour corriger une faille activement exploitée first appeared on UnderNews.]]> 2024-09-10T13:16:02+00:00 https://www.undernews.fr/telephonie-phreaking-voip/alerte-securite-android-mise-a-jour-requise-pour-corriger-une-faille-activement-exploitee.html www.secnews.physaphae.fr/article.php?IdArticle=8573884 False Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-09-10T09:34:15+00:00 https://www.globalsecuritymag.fr/spyagent-sur-android-mcafee-met-en-garde-les-utilisateurs-face-au-vol-d.html www.secnews.physaphae.fr/article.php?IdArticle=8573780 False Mobile None 2.0000000000000000 ProofPoint - Cyber Firms 2024-09-10T08:09:31+00:00 https://www.proofpoint.com/us/blog/corporate-news/protect-2024-proofpoint-sets-new-standard-human-centric-security www.secnews.physaphae.fr/article.php?IdArticle=8573958 False Tool,Vulnerability,Threat,Mobile,Cloud,Conference None 3.0000000000000000 Veracode - Application Security Research, News, and Education Blog If you\'re a security professional like me, you\'re not used to your function being seen as a revenue driver for your business; you\'re used to being seen as a cost center. But what if you could demonstrate that security acts as a catalyst for innovation, even leading to 20% revenue increase? Here\'s how a strategic security investment was not only able to help protect a business from potential threats, but also create a foundation for sustainable growth.   The basis for these insights is The Total Economic Impact™ Of the Veracode Application Risk Management Platform, a commissioned study conducted by Forrester Consulting on behalf of Veracode. Applications as the New Perimeter  With the rise of cloud computing, mobile devices, and even AI-generated code, traditional network boundaries are no longer effective in protecting valuable data and assets. According to Forrester\'s Security Survey, 2023, the main reasons reported by security decision-makers for external attacks…]]> 2024-09-10T01:53:59+00:00 https://www.veracode.com/blog/intro-appsec/risk-reward-how-20-revenue-growth-was-achieved-through-strategic-security www.secnews.physaphae.fr/article.php?IdArticle=8573847 False Studies,Mobile,Cloud None 3.0000000000000000 Zimperium - cyber risk firms for mobile Défense zéro-jour de Zimperium \\ contre une campagne de logiciels malveillants Android sophistiquée impliquant Spyagent, une souche spyware conçue pour voler des informations d'identification de crypto-monnaie.

---

>Zimperium\'s Zero-Day defense against a sophisticated Android malware campaign involving SpyAgent, a spyware strain designed to steal cryptocurrency credentials. ]]> 2024-09-09T20:27:01+00:00 https://www.zimperium.com/blog/unmasking-spyagent-zimperiums-zero-day-defense-against-cryptocurrency-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8573437 False Malware,Vulnerability,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K. The campaign makes use]]> 2024-09-09T14:20:00+00:00 https://thehackernews.com/2024/09/new-android-spyagent-malware-uses-ocr.html www.secnews.physaphae.fr/article.php?IdArticle=8573130 False Malware,Threat,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-09T11:07:09+00:00 https://community.riskiq.com/article/b0990b13 www.secnews.physaphae.fr/article.php?IdArticle=8573204 False Vulnerability,Threat,Mobile,Commercial None 2.0000000000000000 TroyHunt - Blog Security $579 starting price is up there with Android E Ink tablets and Apple\'s iPad Air.]]> 2024-09-09T11:00:52+00:00 https://arstechnica.com/?p=2046927 www.secnews.physaphae.fr/article.php?IdArticle=8573206 False Mobile None 2.0000000000000000 Wired Threat Level - Security News Use these tools in iOS and Android to exchange contact details and never fumble with business cards again.]]> 2024-09-07T13:30:00+00:00 https://www.wired.com/story/how-to-swap-contact-info-with-someone-using-your-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8571992 False Tool,Mobile None 2.0000000000000000 The Register - Site journalistique Anglais Not so much when trying to convert coding veterans Google recently rewrote the firmware for protected virtual machines in its Android Virtualization Framework using the Rust programming language and wants you to do the same, assuming you deal with firmware.…]]> 2024-09-06T21:44:14+00:00 https://go.theregister.com/feed/www.theregister.com/2024/09/06/google_rust_c_code_language/ www.secnews.physaphae.fr/article.php?IdArticle=8571537 False Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Optical Character Recognition converts passwords shown in images to machine-readable text.]]> 2024-09-06T20:23:10+00:00 https://arstechnica.com/?p=2047970 www.secnews.physaphae.fr/article.php?IdArticle=8571503 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. [...]]]> 2024-09-06T11:17:29+00:00 https://www.bleepingcomputer.com/news/security/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images/ www.secnews.physaphae.fr/article.php?IdArticle=8571376 False Malware,Mobile None 2.0000000000000000 AhnLab - Korean Security Firm Android malware & # 038;Numéro de sécurité 1ère semaine de septembre 2024 이 asec It.

---

ASEC Blog publishes “Android Malware & Security Issue 1st Week of September, 2024” 게시물 Android Malware & Security Issue 1st Week of September, 2024이 ASEC에 처음 등장했습니다.]]> 2024-09-06T00:00:00+00:00 https://asec.ahnlab.com/en/83137/ www.secnews.physaphae.fr/article.php?IdArticle=8574333 False Malware,Mobile None 2.0000000000000000 Zimperium - cyber risk firms for mobile Les développeurs d'applications mobiles engagés à maintenir les normes de sécurité les plus élevés sont confrontés à plusieurs considérations lors du développement et du maintien des applications bancaires.En savoir plus.

---

>Mobile app developers committed to upholding the highest security standards are faced with several considerations when developing and maintaining banking apps. Learn more. ]]> 2024-09-05T11:00:00+00:00 https://www.zimperium.com/blog/safeguarding-financial-data-essential-cybersecurity-practices-for-mobile-banking/ www.secnews.physaphae.fr/article.php?IdArticle=8570410 False Mobile None 2.0000000000000000 AhnLab - Korean Security Firm Aperçu & # 160;Une mise à jour a été publiée pour aborder les vulnérabilités dans la gamme de produits Android.Il est conseillé aux utilisateurs des versions affectées de mettre à jour la dernière version.& # 160;Produits affectés & # 160;CVE-2024-33042 RÉFÉRENCES [1] Voir CVE-2024-33042 / Chipsets affectés * Section & # 160;CVE-2024-33052 Référence [1] Voir CVE-2024-33052 / Chipsets affectés * Section & # 160;CVE-2024-33035 Référence [1] Voir CVE-2024-33035 / Chipsets affectés * Section & # 160;[& # 8230;] Posts AndroiD Family Security Update Advisory 이 asec It.

---

>Overview   An update has been released to address vulnerabilities in Android Product line. Users of the affected versions are advised to update to the latest version.   Affected Products   CVE-2024-33042 References [1] See CVE-2024-33042/Affected Chipsets* section   CVE-2024-33052 Reference [1] See CVE-2024-33052/Affected Chipsets* section   CVE-2024-33035 Reference [1] See CVE-2024-33035/Affected Chipsets* section   […] 게시물 Android Family Security Update Advisory이 ASEC에 처음 등장했습니다.]]> 2024-09-05T00:00:00+00:00 https://asec.ahnlab.com/en/82948/ www.secnews.physaphae.fr/article.php?IdArticle=8570244 True Vulnerability,Mobile None 2.0000000000000000 McAfee Labs - Editeur Logiciel Rédigé par Sangryol Ryu récemment, l'équipe de recherche mobile de McAfee \\ a découvert un nouveau type de malware mobile qui cible les clés mnémoniques ...

---

> Authored by SangRyol Ryu Recently, McAfee\'s Mobile Research Team uncovered a new type of mobile malware that targets mnemonic keys... ]]> 2024-09-04T19:09:09+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-spyagent-campaign-steals-crypto-credentials-via-image-recognition/ www.secnews.physaphae.fr/article.php?IdArticle=8569910 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National]]> 2024-09-04T19:06:00+00:00 https://thehackernews.com/2024/09/google-confirms-cve-2024-32896.html www.secnews.physaphae.fr/article.php?IdArticle=8569747 False Vulnerability,Mobile None 2.0000000000000000 McAfee Labs - Editeur Logiciel Les films effrayants sont super.Des menaces mobiles effrayantes, pas tellement.Des fantômes, des clowns tueurs et les créatures peuvent remuer tout ...

---

> Scary movies are great. Scary mobile threats, not so much.  Ghosts, killer clowns, and the creatures can stir up all... ]]> 2024-09-04T13:00:07+00:00 https://www.mcafee.com/blogs/mobile-security/scary-mobile-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8569777 False Mobile None 2.0000000000000000 GoogleSec - Firm Security Blog memory-safe languages to low-level firmware (including in Trusty apps).In this blog post, we\'ll show you how to gradually introduce Rust into your existing firmware, prioritizing new code and the most security-critical code. You\'ll see how easy it is to boost security with drop-in Rust replacements, and we\'ll even demonstrate how the Rust toolchain can handle specialized bare-metal targets.Drop-in Rust replacements for C code are not a novel idea and have been used in other cases, such as librsvg\'s adoption of Rust which involved replacing C functions with Rust functions in-place. We seek to demonstrate that this approach is viable for firmware, providing a path to memory-safety in an efficient and effective manner.Memory Safety for FirmwareFirmware serves as the interface between hardware and higher-level software. Due to the lack of software security mechanisms that are standard in higher-level software, vulnerabilities in firmware code can be dangerously exploited by malicious actors. Modern phones contain many coprocessors responsible for handling various operations, and each of these run their own firmware. Often, firmware consi]]> 2024-09-04T12:02:42+00:00 http://security.googleblog.com/2024/09/deploying-rust-in-existing-firmware.html www.secnews.physaphae.fr/article.php?IdArticle=8569847 False Tool,Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released the September 2024 Android security updates to fix 34 vulnerabilities, including CVE-2024-32896, an actively exploited elevation of privilege flaw that was previously fixed on Pixel devices. [...]]]> 2024-09-04T11:16:22+00:00 https://www.bleepingcomputer.com/news/security/google-backports-fix-for-pixel-eop-flaw-to-other-android-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8569780 False Vulnerability,Mobile None 2.0000000000000000 SecurityWeek - Security News Google has released Android security updates to patch an exploited local privilege escalation vulnerability. ]]> 2024-09-04T09:06:42+00:00 https://www.securityweek.com/androids-september-2024-update-patches-exploited-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8569602 False Vulnerability,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-04T02:45:48+00:00 https://community.riskiq.com/article/12b5ac31 www.secnews.physaphae.fr/article.php?IdArticle=8569431 False Malware,Tool,Vulnerability,Threat,Legislation,Mobile,Commercial APT 29 2.0000000000000000 Zimperium - cyber risk firms for mobile Ce billet de blog vous guidera à travers les meilleures pratiques essentielles pour intégrer DAST dans votre processus de développement mobile.

---

>This blog post will guide you through the essential best practices for integrating DAST into your mobile development process. ]]> 2024-09-03T16:54:45+00:00 https://www.zimperium.com/blog/dast-best-practices-for-mobile-developers/ www.secnews.physaphae.fr/article.php?IdArticle=8569182 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. "This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks," Dutch security company ThreatFabric said. "Finally, it can use all this exfiltrated]]> 2024-09-03T15:07:00+00:00 https://thehackernews.com/2024/09/rocinante-trojan-poses-as-banking-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8569021 False Malware,Mobile None 3.0000000000000000 TechRepublic - Security News US Included in the purge are static apps, those with limited functionality and content, and apps that crash, freeze, and don\'t offer an “engaging user experience,\'\' the company said.]]> 2024-09-03T14:24:16+00:00 https://www.techrepublic.com/article/google-play-store-app-deletion/ www.secnews.physaphae.fr/article.php?IdArticle=8569126 False Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC significant security breaches for organizations of all sizes. These mistakes aren’t inevitable or limited to any one role—they can happen to anyone, from top executives to customer service reps—but they are preventable with the right knowledge and constant vigilance in place. With this in mind, today’s article will examine some real-world examples and some of the most common human errors in cybersecurity to help your organization stay safe and secure. With better awareness and training, organizations can turn their weakest link into a robust first line of defense against cyber threats. The Role of Human Error in Cybersecurity Human error tends to play a fundamental role in many cybersecurity breaches, often being the weakest link in the chain—it\'s not just about hackers exploiting software vulnerabilities; it\'s also about people making mistakes. According to a 2023 Verizon study, a worrying 68% of security breaches have some form of human error involved in them. This staggering statistic directly highlights how essential it is to address the human element in cybersecurity strategies head-on. Studies have shown that employees, regardless of their position, frequently fall victim to phishing scams, use weak passwords, or fail to follow basic security protocols. These common mistakes create entry points for cybercriminals to cause breaches and other security events. To get a better idea of what’s being discussed here, try to consider the everyday actions that can compromise security: ●      Clicking on a suspicious link ●      Reusing passwords across multiple sites ●      Neglecting software updates ●      Not being vigilant about security threats. Although each of these errors might seem minor in isolation, together, they contribute significantly to your organization\'s overall risk. Common Psychological and Behavioral Pitfalls When it comes to cybersecurity, it isn’t just technical vulnerabilities that pose a threat—human psychology also plays a significant role here, too. Common cognitive biases, such as overconfidence and the desire for convenience, can often lead to security lapses. For instance, someone might feel overconfident in their ability to spot a phishing email, leading them to lower their guard and inadvertently click on a malicious link. Keep in mind, however, that malicious links are yesterday’s news—but ]]> 2024-09-03T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-human-factor-in-cybersecurity-behavioral-insights-and-mitigation-strategies www.secnews.physaphae.fr/article.php?IdArticle=8568995 False Tool,Vulnerability,Threat,Studies,Mobile,Technical Equifax 2.0000000000000000 Kaspersky - Kaspersky Research blog The report gives statistics on mobile malware and unwanted software for Q2 2024, including mobile banking Trojans and ransomware.]]> 2024-09-03T08:00:46+00:00 https://securelist.com/it-threat-evolution-q2-2024-mobile-statistics/113678/ www.secnews.physaphae.fr/article.php?IdArticle=8568946 False Ransomware,Malware,Threat,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-09-02T19:54:58+00:00 https://community.riskiq.com/article/161e114f www.secnews.physaphae.fr/article.php?IdArticle=8568711 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud APT 41,APT 32 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-30T15:23:59+00:00 https://community.riskiq.com/article/d4255ad5 www.secnews.physaphae.fr/article.php?IdArticle=8566972 False Threat,Mobile,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices," Google Threat Analysis Group (TAG) researcher Clement]]> 2024-08-29T21:29:00+00:00 https://thehackernews.com/2024/08/russian-hackers-exploit-safari-and.html www.secnews.physaphae.fr/article.php?IdArticle=8566271 False Malware,Threat,Mobile None 3.0000000000000000 AhnLab - Korean Security Firm Android malware & # 038;Numéro de sécurité 5e semaine d'août 2024 이 asec It.

---

ASEC Blog publishes “Android Malware & Security Issue 5st Week of August, 2024” 게시물 Android Malware & Security Issue 5st Week of August, 2024이 ASEC에 처음 등장했습니다.]]> 2024-08-29T15:00:00+00:00 https://asec.ahnlab.com/en/82803/ www.secnews.physaphae.fr/article.php?IdArticle=8568430 False Malware,Mobile None 1.00000000000000000000 Bleeping Computer - Magazine Américain The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. [...]]]> 2024-08-29T09:04:58+00:00 https://www.bleepingcomputer.com/news/security/russian-apt29-hackers-use-ios-chrome-exploits-created-by-spyware-vendors/ www.secnews.physaphae.fr/article.php?IdArticle=8566165 False Mobile,Commercial APT 29 3.0000000000000000 Korben - Bloger francais 2024-08-29T07:00:00+00:00 https://korben.info/imfile-gestionnaire-telechargements-multisources-motrix.html www.secnews.physaphae.fr/article.php?IdArticle=8565993 False Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-28T18:20:57+00:00 https://community.riskiq.com/article/feb7656e www.secnews.physaphae.fr/article.php?IdArticle=8565624 False Malware,Tool,Threat,Mobile None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become]]> 2024-08-28T14:01:52+00:00 https://www.welivesecurity.com/en/videos/stealing-cash-using-nfc-relay-week-in-security-with-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8566452 False Malware,Mobile None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant Today Mandiant is releasing details of a suspected Iran-nexus counterintelligence operation aimed at collecting data on Iranians and domestic threats who may be collaborating with intelligence and security agencies abroad, particularly in Israel.  The data collected by this campaign may support the Iranian intelligence apparatus in pinpointing individuals who are interested in collaborating with Iran\'s perceived adversarial countries. The collected data may be leveraged to uncover human intelligence (HUMINT) operations conducted against Iran and to persecute any Iranians suspected to be involved in these operations. These may include Iranian dissidents, activists, human rights advocates, and Farsi speakers living in and outside Iran. Mandiant assesses with high confidence this campaign was operated on behalf of Iran\'s regime, based on its tactics, techniques, and procedures (TTPs), themes, and targeting. In addition, we observed a weak overlap between this campaign and APT42, an Iran-nexus threat actor suspected to operate on behalf of Iran\'s IRGC Intelligence Organization (IRGC-IO). This campaign\'s activities are in line with Iran\'s IRGC and APT42\'s history of conducting surveillance operations against domestic threats and individuals of interest to the Iranian government. Despite the possible APT42 connection, Mandiant observed no relations between this activity and any U.S. elections-related targeting as previously reported by Google\'s Threat Analysis Group. The activity used multiple social media accounts to disseminate a network of over 35 fake recruiting websites containing extensive Farsi decoy content, including job offers and Israel-related lures, such as images of Israeli national symbols, hi-tech offices, and major city landmarks. Upon entry, the targeted users are required to enter their personal details as well as their professional and academic experience, which are subsequently sent to the attackers.  The suspected counterintelligence operations started as early as 2017 and lasted at least until March 2024. In the past, similar campaigns were deployed in Arabic, targeting individuals affiliated with Syria and Hezbollah intelligence and security agencies. This may indicate Iran\'s counterintelligence activities extend beyond its own security and intelligence apparatus, possibly in support of its allies in Syria and Lebanon.  Mandiant worked to help ensure this activity was blocked and disrupted, the threat actor\'s accounts were terminated, and Google Chrome users and the users of other browsers were protected.]]> 2024-08-28T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/uncovering-iranian-counterintelligence-operation/ www.secnews.physaphae.fr/article.php?IdArticle=8565655 False Threat,Mobile,Cloud APT 42 4.0000000000000000 Wired Threat Level - Security News Whether you went big with the Pixel 9 Pro XL or small with the Pixel 9, we\'ve got a selection of cases, including MagSafe cases, to kit out your new Android phone.]]> 2024-08-28T11:03:00+00:00 https://www.wired.com/gallery/best-google-pixel-9-cases-and-accessories/ www.secnews.physaphae.fr/article.php?IdArticle=8565335 False Mobile None 1.00000000000000000000 Bleeping Computer - Magazine Américain Microsoft has released the optional KB5041587 preview cumulative update for Windows 11 23H2 and 22H2, which adds sharing to Android devices and fixes multiple File Explorer issues. [...]]]> 2024-08-27T15:03:17+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5041587-update-adds-sharing-to-android-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8564877 False Threat,Mobile None 4.0000000000000000 AhnLab - Korean Security Firm Aperçu & # 160;Une mise à jour a été publiée pour aborder les vulnérabilités dans le cadre de sécurité mobile (MOBSF).Il est conseillé aux utilisateurs des versions affectées de mettre à jour la dernière version.& # 160;Produits affectés & # 160;CVE-2024-43399 Versions MOBSF: ~ 4.0.6 (inclusives) & # 160;& # 160;Vulnérabilités résolues & # 160;Des mesures pour empêcher les attaques de glissement zip lors de l'extraction des fichiers d'extension. Posts mobileFramework de sécurité (MOBSF) Advisory de mise à jour de sécurité (CVE-2024-43399) 이 asec It.

---

>Overview   An update has been released to address vulnerabilities in Mobile Security Framework(MobSF). Users of the affected versions are advised to update to the latest version.   Affected Products   CVE-2024-43399 MobSF versions: ~ 4.0.6 (inclusive)     Resolved Vulnerabilities   Measures to prevent Zip Slip attacks while extracting .a extension files were improperly […] 게시물 Mobile Security Framework (MobSF) Security Update Advisory (CVE-2024-43399)이 ASEC에 처음 등장했습니다.]]> 2024-08-26T15:00:00+00:00 https://asec.ahnlab.com/en/82808/ www.secnews.physaphae.fr/article.php?IdArticle=8568432 False Vulnerability,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-08-26T10:44:38+00:00 https://community.riskiq.com/article/9e3295c1 www.secnews.physaphae.fr/article.php?IdArticle=8564053 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Prediction,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have uncovered new Android malware that can relay victims\' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia. The malware "has]]> 2024-08-26T10:16:00+00:00 https://thehackernews.com/2024/08/new-android-malware-ngate-steals-nfc.html www.secnews.physaphae.fr/article.php?IdArticle=8563891 False Malware,Mobile None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure]]> 2024-08-26T09:00:00+00:00 https://www.welivesecurity.com/en/videos/exploring-android-threats-and-ways-to-mitigate-them-unlocked-403-cybersecurity-podcast-ep5/ www.secnews.physaphae.fr/article.php?IdArticle=8564431 False Mobile None 3.0000000000000000 Wired Threat Level - Security News If you\'re leaving Apple behind to try Google\'s Pixel, a Samsung Galaxy, or another Android phone, this guide covers all your bases.]]> 2024-08-24T14:04:00+00:00 https://www.wired.com/story/how-to-switch-from-iphone-to-android/ www.secnews.physaphae.fr/article.php?IdArticle=8563086 False Mobile None 2.0000000000000000 Wired Threat Level - Security News Like recent iPhones, Google\'s latest Android phones support satellite messaging when you don\'t have cellular connectivity.]]> 2024-08-24T11:30:00+00:00 https://www.wired.com/story/google-pixel-9-satellite-esos-emergency-messaging/ www.secnews.physaphae.fr/article.php?IdArticle=8563043 False Mobile None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Attacker then emulates the card and makes withdrawals or payments from victim\'s account.]]> 2024-08-23T20:12:21+00:00 https://arstechnica.com/?p=2045086 www.secnews.physaphae.fr/article.php?IdArticle=8562706 False Malware,Mobile None 3.0000000000000000 TechRepublic - Security News US A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.]]> 2024-08-23T19:35:49+00:00 https://www.techrepublic.com/article/cybercriminals-stealing-nfc-data/ www.secnews.physaphae.fr/article.php?IdArticle=8562682 False Malware,Mobile None 3.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui auraient pu glisser sous le radar: la FAA améliorant les cyber règles pour les avions, les logiciels malveillants Android ngate utilisés pour voler de l'argent aux distributeurs automatiques de billets, abusant de Slack IA pour voler des données.

---

>Noteworthy stories that might have slipped under the radar: FAA improving cyber rules for airplanes, NGate Android malware used to steal cash from ATMs, abusing Slack AI to steal data. ]]> 2024-08-23T12:44:33+00:00 https://www.securityweek.com/in-other-news-faa-improving-cyber-rules-android-malware-enables-atm-withdrawals-data-theft-via-slack-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8562545 False Malware,Mobile None 3.0000000000000000 Silicon - Site de News Francais 2024-08-23T11:48:33+00:00 https://www.silicon.fr/apple-dma-app-store-481098.html www.secnews.physaphae.fr/article.php?IdArticle=8562497 False Mobile None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Phishing using PWAs? ESET Research\'s latest discovery might just ruin some users\' assumptions about their preferred platform\'s security]]> 2024-08-23T09:00:00+00:00 https://www.welivesecurity.com/en/videos/pwa-phishing-on-android-and-ios-week-in-security-with-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8562958 False Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.]]> 2024-08-22T20:30:22+00:00 https://www.darkreading.com/mobile-security/nfc-traffic-stealer-targets-android-users-and-their-banking-info www.secnews.physaphae.fr/article.php?IdArticle=8562713 False Malware,Tool,Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future 2024-08-22T19:13:30+00:00 https://therecord.media/android-malware-atm-stealing-czech-banks www.secnews.physaphae.fr/article.php?IdArticle=8562120 False Malware,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) #### Targeted Geolocations - Hungary - Georgia - Czechia ## Snapshot ESET researchers have discovered a novel phishing method that targets mobile users via Progressive Web Applications (PWAs) and WebAPKs. The phishing campaign combines standard phishing delivery techniques with a new met]]> 2024-08-22T15:11:29+00:00 https://community.riskiq.com/article/866bcdb6 www.secnews.physaphae.fr/article.php?IdArticle=8562036 False Mobile None 3.0000000000000000 AhnLab - Korean Security Firm ASEC Blog publishes “Android Malware & Security Issue 4st Week of August, 2024”]]> 2024-08-22T15:00:00+00:00 https://asec.ahnlab.com/en/82630/ www.secnews.physaphae.fr/article.php?IdArticle=8562450 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware named NGate can steal money from payment cards by relaying to an attacker\'s device the data read by the near-field communication (NFC) chip. [...]]]> 2024-08-22T13:02:08+00:00 https://www.bleepingcomputer.com/news/security/new-ngate-android-malware-uses-nfc-chip-to-steal-credit-card-data/ www.secnews.physaphae.fr/article.php?IdArticle=8562066 False Malware,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-08-22T11:13:50+00:00 https://www.globalsecuritymag.fr/eset-research-decouvre-deux-attaques-bancaires-innovantes-et-inquietantes.html www.secnews.physaphae.fr/article.php?IdArticle=8561913 False Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine ESET claims new NGate Android malware relays NFC data to steal card details for ATM cash-out]]> 2024-08-22T10:15:00+00:00 https://www.infosecurity-magazine.com/news/android-malware-steals-card-nfc/ www.secnews.physaphae.fr/article.php?IdArticle=8561889 False Malware,Mobile None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Android malware discovered by ESET Research relays NFC data from victims\' payment cards, via victims\' mobile phones, to the device of a perpetrator waiting at an ATM]]> 2024-08-22T09:00:00+00:00 https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/ www.secnews.physaphae.fr/article.php?IdArticle=8562496 False Malware,Mobile None 3.0000000000000000 The Register - Site journalistique Anglais 2024-08-22T08:30:10+00:00 https://go.theregister.com/feed/www.theregister.com/2024/08/22/hmd_skyline_repairable_android/ www.secnews.physaphae.fr/article.php?IdArticle=8561866 False Mobile None 3.0000000000000000 TroyHunt - Blog Security Web-based apps escape iOS "Walled Garden" and Android side-loading protections.]]> 2024-08-21T20:40:49+00:00 https://arstechnica.com/?p=2044637 www.secnews.physaphae.fr/article.php?IdArticle=8561603 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors started to use progressive web applications to impersonate banking apps and steal credentials from Android and iOS users. [...]]]> 2024-08-21T16:57:58+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8561604 False Threat,Mobile None 3.0000000000000000 SecurityWeek - Security News Les nouvelles attaques de phishing ciblent les utilisateurs iOS et Android avec des applications Web progressives et des webapks pour voler les informations bancaires.

---

>New phishing attacks target iOS and Android users with Progressive Web Applications and WebAPKs to steal banking information. ]]> 2024-08-21T15:00:35+00:00 https://www.securityweek.com/new-phishing-technique-bypasses-security-on-ios-and-android-to-steal-bank-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8561513 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET. "The phishing]]> 2024-08-21T01:29:00+00:00 https://thehackernews.com/2024/08/czech-mobile-users-targeted-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8561001 False Mobile None 3.0000000000000000 HackRead - Chercher Cyber Cybercriminals exploit Progressive Web Apps (PWAs) in the latest phishing scam, targeting mobile users in Czechia, Hungary, and…]]> 2024-08-20T22:49:25+00:00 https://hackread.com/phishing-attacks-eastern-europe-bank-ios-android/ www.secnews.physaphae.fr/article.php?IdArticle=8561072 False Threat,Mobile None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le géant de la technologie dit qu'il reçoit moins de vulnérabilités et que les améliorations de la sécurité ont abouti à un écosystème Android plus sécurisé.

---

>The tech giant says it is receiving fewer vulnerabilities and that security improvements have resulted in a more secure Android ecosystem.  ]]> 2024-08-20T21:50:11+00:00 https://cyberscoop.com/google-play-store-bug-bounty-shut-down-gpsrp/ www.secnews.physaphae.fr/article.php?IdArticle=8561046 False Vulnerability,Mobile None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine ESET detected a new phishing technique using progressive web applications (PWAs) as part of a large-scale mobile financial scam]]> 2024-08-20T17:00:00+00:00 https://www.infosecurity-magazine.com/news/novel-phishing-android-ios-pwa/ www.secnews.physaphae.fr/article.php?IdArticle=8560925 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Son blog explorera les différents types d'applications risquées et les préoccupations qu'ils posent, soulignant la nécessité de processus de vérification des applications mobiles rigoureuses.

---

>his blog will explore the various types of risky apps and the concerns they pose, emphasizing the need for stringent mobile app vetting processes. ]]> 2024-08-20T13:00:00+00:00 https://www.zimperium.com/blog/securing-agency-devices-the-critical-need-for-mobile-app-vetting/ www.secnews.physaphae.fr/article.php?IdArticle=8560826 False Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-08-20T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/securing-networks-evaluating-hardware-firewalls www.secnews.physaphae.fr/article.php?IdArticle=8560902 False Malware,Tool,Vulnerability,Threat,Mobile,Medical None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET ESET analysts dissect a novel phishing method tailored to Android and iOS users]]> 2024-08-20T09:00:00+00:00 https://www.welivesecurity.com/en/eset-research/be-careful-what-you-pwish-for-phishing-in-pwa-applications/ www.secnews.physaphae.fr/article.php?IdArticle=8561485 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Google will redact your credit card details, passwords and other sensitive information in Chrome when you\'re sharing or recording your screen on Android. [...]]]> 2024-08-18T14:00:54+00:00 https://www.bleepingcomputer.com/news/google/chrome-will-redact-credit-cards-passwords-when-you-share-android-screen/ www.secnews.physaphae.fr/article.php?IdArticle=8559872 False Mobile None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Epic also launched its store on Android.]]> 2024-08-16T18:48:57+00:00 https://arstechnica.com/?p=2043896 www.secnews.physaphae.fr/article.php?IdArticle=8558882 False Mobile None 3.0000000000000000 BBC - BBC News - Technology Fortnite, which is one of the most popular games in the world, has been unavailable for four years.]]> 2024-08-16T13:38:06+00:00 https://www.bbc.com/news/articles/c70j5rx72yvo www.secnews.physaphae.fr/article.php?IdArticle=8558726 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A large percentage of Google\'s own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called "Showcase.apk" that comes with excessive system privileges, including the ability to remotely execute code and install arbitrary]]> 2024-08-16T12:40:00+00:00 https://thehackernews.com/2024/08/google-pixel-devices-shipped-with.html www.secnews.physaphae.fr/article.php?IdArticle=8558553 False Malware,Mobile None 4.0000000000000000 Wired Threat Level - Security News A US judge is set to force Google to more widely open up Android phones to competing app stores. But as I found, app stores vying for supremacy could leave Android users confused and worried about security.]]> 2024-08-16T10:30:00+00:00 https://www.wired.com/story/android-clobbering-app-store/ www.secnews.physaphae.fr/article.php?IdArticle=8558644 False Mobile None 3.0000000000000000 AhnLab - Korean Security Firm ASEC Blog publishes “Android Malware & Security Issue 3st Week of August, 2024”]]> 2024-08-15T15:00:00+00:00 https://asec.ahnlab.com/en/82492/ www.secnews.physaphae.fr/article.php?IdArticle=8558620 False Malware,Mobile None 2.0000000000000000 Wired Threat Level - Security News A fix is coming, but data analytics giant Palantir says it\'s ditching Android devices altogether because Google\'s response to the vulnerability has been troubling.]]> 2024-08-15T13:00:00+00:00 https://www.wired.com/story/google-android-pixel-showcase-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8558137 False Vulnerability,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-08-14T18:42:42+00:00 https://www.darkreading.com/cybersecurity-operations/zimperium-teams-up-with-okta-to-enhance-zero-trust-identity-threat-protection-with-ai-driven-mobile-security-solutions www.secnews.physaphae.fr/article.php?IdArticle=8557755 False Threat,Mobile None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Zimperium Teams Up with Okta to Enhance Zero-Trust Identity Threat Protection with AI-Driven Mobile Security Solutions Product integration delivers real-time detection and response, enhancing mobile device security - Business News]]> 2024-08-14T16:31:44+00:00 https://www.globalsecuritymag.fr/zimperium-announced-that-it-s-collaborating-with-okta.html www.secnews.physaphae.fr/article.php?IdArticle=8557701 False Threat,Mobile None 3.0000000000000000