Android malware (and iOS enhancements)
Checkpoint on the Black Rose Lucy malware bundle, ESET on fake finance apps found on Google Play, and Sophos on the security features in iOS 12 ... Read More
Krebs: commentary on global authentication via your wireless carrier
Brian Krebs: U.S. Mobile Giants Want to be Your Online Identity – “The four major U.S. wireless carriers today detailed a new initiative that may soon let Web sites eschew passwords and instead authenticate visitors by leveraging data elements unique to each customer’s phone and mobile subscriber account, such as ... Read More
Smartphones that talk too much
In brief, the idea is that the phone's 'acoustic signature' can be used to determine the device users' password when they unlock the phone ... Read More
Apple to make life easier for law enforcement
Apple has experienced much friction with law-enforcement regarding information sharing and access to suspects' devices. Will provision of a formal procedure reduce that friction? ... Read More
Android Issues
Android Malware-as-a-Service botnet, CVE-2018-9489, and open-source vulnerabilities in Android apps ... Read More
Mobile misery: Android, iOS data leakage
Nightwatch Security: Sensitive Data Exposure via WiFi Broadcasts in Android OS [CVE-2018-9489] – “System broadcasts by Android OS expose information about … WiFi network name, BSSID, local IP addresses, DNS server information and the MAC address.” Commentary by TechRepublic: Android ‘API breaking’ vulnerability leaks device data, allows user tracking Sophos: ... Read More
Android/iOS detections down, but Fortnite flaw problematic
Android/iOS detections down, but Fortnite flaw linked with Man-in-the-Disk ... Read More
Fortnite and Android: an Epic disagreement
ESET's Lukáš Štefanko argues that by shunning Google Play, Epic Games sets a dangerous precedent ... Read More