Tag
#android
Categories: News Categories: Privacy Tags: Krause Tags: inappbrowser.com Tags: Meta Tags: Facebook Tags: Instagram Tags: TikTok A developer and privacy expert created a platform that allows iOS users to see injected JavaScript in their in-app browsers (Read more...) The post Spying on the spies. See what JavaScript commands get injected by in-app browsers appeared first on Malwarebytes Labs.
Retail giant Amazon patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user's device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads and enables users to monitor video feeds from smart home devices such as video doorbells, security cameras, and alarm
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access.
Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access.
Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. As the data privacy landscape gets increasingly murky, app developers and device manufacturers are finding new ways to sure up users’ personal information. Of course, all users have to do is go out of their way to opt-in. Apple recently announced a new Lockdown Mode for the iOS operating system that powers the company’s iPhones. When enabled, it turns off many of the features that attackers will exploit when targeting a mobile device with spyware. Spyware is a growing concern across the world, especially the NSO Group’s Pegasus tool. With Lockdown Mode enabled, a hypothetical attacker would not have access to certain functions on the phone, and it blocks access to important APIs such as speech and facial recognition, which research has shown are relatively easy to bypass. In a review of Lockdown Mode, Zack Whittaker of TechCrunch said, “...we didn’t find using our iPhone in Lockdown Mode t...
Polar Flow for Android version 5.7.1 stores the username and password in clear text in a file on mobile devices.
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
Hosts next OpenSSF Day in Dublin.
The best end-to-end encrypted messaging app has a host of security features. Here are the ones you should care about.