#android

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.user, can capture user input and screen content, and can also remotely control victim devices through various techniques, enabling

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF. "Most likely active since July 2020 and since July 2022, respectively, the campaigns

Categories: Personal Tags: spyware Tags: spying Tags: surveillance Tags: Brazil Tags: phone Tags: mobile We take a look at another compromise of a mobile spyware app maker, and ask whether this action comes with hidden danger. (Read more...) The post Victim records deleted after spyware vendor compromised appeared first on Malwarebytes Labs.

By Deeba Ahmed So far, the potent Android trojan MMRat has remained undetected on VirusTotal. This is a post from HackRead.com Read the original post: New MMRat Android Trojan Uses Fake App Stores for Bank Fraud

Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on the screen was the WARP client when in reality it was the attacker's app.

Due to lack of a security policy, the WARP Mobile Client (<=6.29) for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task behaviour of the WARP app.

By Owais Sultan In today’s digital age, securing your devices and data from cyber threats is a top priority. Antivirus software… This is a post from HackRead.com Read the original post: Antivirus Software: The Best Deals, Coupons and Discounts

User enumeration is found in PHP Jabbers Hotel Booking System v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

Categories: News Tags: week Tags: security Tags: august Tags: 2023 Tags: trusted advisor Tags: cyrus Tags: A list of topics we covered in the week of August 21 to August 27 of 2023 (Read more...) The post A week in security (August 21 - August 27) appeared first on Malwarebytes Labs.

An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.