Mobile security threats and prevention

Get the latest news on mobile device threats. Learn how viruses, Trojans, malicious code and worms can infect smartphones, and find out about the latest mobile device attacks can affect iOS, Android and other mobile platforms.

Top Stories

News 15 Oct 2021
Burned by Apple, researchers mull selling zero days to brokers

Security researchers have grown frustrated with Apple's lack of communication, ‘silent patching’ of vulnerabilities, denial of bug bounty rewards and other issues. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 12 Oct 2021
Apple patches iOS vulnerability actively exploited in the wild

Apple said in a security advisory that it had received a report that the iOS flaw, which impacts kernel extension IOMobileFrameBuffer, 'may have been actively exploited.' Continue Reading
By
- Alexander Culafi, Senior News Writer

News 30 Sep 2021
Researchers hack Apple Pay, Visa 'Express Transit' mode

Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode. Continue Reading
By
- Arielle Waldman, News Writer
News 29 Sep 2021
Telegram bots allowing hackers to steal OTP codes

A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds. Continue Reading
By
- Shaun Nichols
News 24 Sep 2021
Spurned researcher posts trio of iOS zero days

An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform. Continue Reading
By
- Shaun Nichols
News 14 Sep 2021
Apple patches zero-day, zero-click NSO Group exploit

The Citizen Lab said that it found the Apple zero-day vulnerability when it was 'analyzing the phone of a Saudi activist infected with NSO Group's Pegasus spyware.' Continue Reading
By
- Alexander Culafi, Senior News Writer
News 02 Sep 2021
FTC drops the hammer on SpyFone for privacy violations

The FTC has decried SpyFone, a remote tracking app for mobile phones, as stalkerware and ordered it to notify all individuals who were tracked by the app. Continue Reading
By
- Shaun Nichols
News 15 Jun 2021
Apple issues patches for two more WebKit zero-days

Apple said both WebKit zero-days, which affect older iOS devices, have reportedly been exploited in the wild, but further details about the threat activity are unknown. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 17 May 2021
Hackers turn Comcast voice remotes into eavesdropping tool

Guardicore researchers at RSA Conference 2021 manipulated the Xfinity XR11 voice controller to covertly record household conversations, raising concerns about IoT devices. Continue Reading
By
- Shaun Nichols
News 12 May 2021
Hacker makes short work of Apple AirTag jailbreak

A security researcher discovered a jailbreaking method for Apple's new mobile locating tracking devices, which were introduced just last month. Continue Reading
By
- Shaun Nichols
News 06 May 2021
Popular mobile apps leaking AWS keys, exposing user data

Security researchers at CloudSek discovered approximately 40 popular mobile apps contained hardcoded API secret keys, putting both user information and corporate data at risk. Continue Reading
By
- Shaun Nichols
News 03 May 2021
Apple hurries out fixes for WebKit zero-days

Mac and iOS users are urged to patch their devices immediately for Apple WebKit flaws following reports of active exploits in the wild. Continue Reading
By
- Shaun Nichols
Tip 29 Dec 2020
What is bloatware? How to identify and remove it

Unwanted pre-installed software -- also known as bloatware -- has long posed security threats for computers and other devices. Here are strategies for how to detect bloatware and uninstall the potential threat. Continue Reading
By
- Ben Cole, Executive Editor
- Nick Lewis
News 13 Jul 2020
RSA finds two-thirds of phishing attacks directed at Canada

RSA Security researchers found that nearly 70% of phishing attacks were directed at users in Canada, while the majority of attacks come from U.S.-based ISPs and hosting providers. Continue Reading
By
- Arielle Waldman, News Writer
News 26 May 2020
StrandHogg 2.0 allows attackers to imitate most Android apps

A new elevation-of-privilege vulnerability on Android, dubbed StrandHogg 2.0, allows threat actors to gain access to most apps, according to Norwegian mobile security firm Promon. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 22 May 2020
Risk & Repeat: When will mobile voting be ready?

This week's Risk & Repeat podcast examines the rise of mobile voting apps and how security experts have expressed concerns about the risks deploying the technology for elections. Continue Reading
By
- Rob Wright, Senior News Director
News 22 Nov 2019
Android Security Rewards program expands, adds $1.5M bounty

Google expanded its Android bug bounty program to include data exfiltration and lock screen bypass and raised its top prize for a full chain exploit of a Pixel device. Continue Reading
By
- Michael Heller, TechTarget
News 05 Sep 2019
Insecure Android provisioning could lead to phishing attacks

Researchers say many -- if not most -- Android smartphones are at risk of SMS-based phishing attacks that trick users into installing malicious OTA provisioning settings. Continue Reading
By
- Michael Heller, TechTarget
News 20 Aug 2019
KNOB attack puts all Bluetooth devices at risk

Security researchers discovered a way to force Bluetooth devices to use easy-to-crack encryption keys, which could lead to man-in-the-middle attacks and information leaks. Continue Reading
By
- Michael Heller, TechTarget
News 08 Aug 2019
Apple bug bounty expands to MacOS, offers $1 million iOS reward

Apple announced an expansion of its bug bounty program at Black Hat 2019, including rewards for MacOS vulnerabilities and a $1 million reward for a zero-click iOS exploit. Continue Reading
By
- Michael Heller, TechTarget
News 31 Jul 2019
Project Zero drops six iOS vulnerabilities ahead of Black Hat

Google Project Zero researchers disclosed six iOS vulnerabilities, including proof-of-concept code that could allow for attacks requiring no user interaction. Continue Reading
By
- Michael Heller, TechTarget
Feature 10 Jul 2019
How mobile threat defense integrates with and improves UEM

Though many organizations have either UEM or EMM, mobile threat defense tools aren't as widely adopted. IT can improve mobile security with these tools' monitoring and policies. Continue Reading
By
- John Powers, Senior Site Editor
Tip 02 Jul 2019
Go beyond UEM security to prevent mobile attacks

UEM tools provide a baseline of mobile security functions, but to prevent mobile attacks, IT should add a mobile threat defense tool to its security repertoire. Continue Reading
By
- Jack Gold, J.Gold Associates, LLC.
Tip 25 Jun 2019
Smishing targets mobile users and IT must prepare to fight it

Phishing attacks via SMS target are harder for IT to defend against than email phishing, but with the proper SMS-specific training and testing IT can improve its phishing security. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Answer 19 Jun 2019
What can IT do to enhance Android security?

Android is just as secure as its competitors' OSes, but IT should still remain vigilant. Here are three ways to secure Android devices for the enterprise. Continue Reading
By
- Jack Gold, J.Gold Associates, LLC.
News 10 Jun 2019
Google: Triada backdoors were pre-installed on Android devices

Google detailed the discovery and process of removing Triada malware after a supply chain attack led to backdoors being preinstalled on budget phones in overseas markets. Continue Reading
By
- Michael Heller, TechTarget
Feature 16 May 2019
Words to go: GPS tracking security

GPS and location-based services may be some of the most significant recent technological advancements, but they can also put personal privacy in jeopardy. Continue Reading
By
- Katie Donegan, Social Media Manager
News 14 May 2019
Zero-day WhatsApp vulnerability could lead to spyware infection

A zero-day vulnerability in WhatsApp was used in targeted attacks that involved installing spyware on mobile devices, which may be the work of an advanced threat actor. Continue Reading
By
- Michael Heller, TechTarget
Feature 20 Feb 2019
4 mobile security best practices for enterprise IT

Organizations should look to update their mobile security best practices due to COVID-19. IT must incorporate BYOD access to corporate data and other new mobile capabilities. Continue Reading
By
- Reda Chouffani, Biz Technology Solutions
- John Powers, Senior Site Editor
Answer 18 Feb 2019
How does the iPhone phishing scam work?

An iPhone phishing scam leads users to believe malicious incoming calls are from Apple Support. How can enterprises protect their employee against this threat? Continue Reading
By
- Nick Lewis
News 08 Feb 2019
Apple releases FaceTime patch and iOS zero-day fixes

New bug fix releases for both iOS and macOS include the anticipated FaceTime patch for the serious eavesdropping flaw in group chats as well as fixes for two iOS zero-days. Continue Reading
By
- Michael Heller, TechTarget
News 29 Jan 2019
Major Apple FaceTime bug allows audio eavesdropping

A new major FaceTime bug can allow someone to hear the other party's audio before they answer the call and the issue was reported to Apple more than a week ago. Continue Reading
By
- Michael Heller, TechTarget
Answer 25 Jan 2019
What should IT look for in a mobile threat defense tool?

IT pros should consider using tools that can defend against mobile threats. The right tool should defend against malware, uncover compliance issues and expose shadow IT. Continue Reading
By
- Robert Sheldon
Answer 25 Jan 2019
What are the best ways to prevent a SIM swapping attack?

SIM swapping is on the rise as the use of mobile devices increases. Discover what SIM swaps are, how they work and how they can be mitigated. Continue Reading
By
- Nick Lewis
Answer 24 Jan 2019
How can synthetic clicks aid a privilege escalation attack?

An Apple security expert introduced the concept of synthetic clicks, which can bypass privilege escalation defenses. Find out how this new attack technique works with Nick Lewis. Continue Reading
By
- Nick Lewis
Answer 21 Jan 2019
Man-in-the-disk attack: How are Android products affected?

Researchers from Check Point announced a new attack at Black Hat 2018 that targets Android devices. Discover how this attack works and how devices should be protected with Nick Lewis. Continue Reading
By
- Nick Lewis
News 31 Dec 2018
Why dating app security flaws should concern enterprises

Vulnerable dating apps on BYODs pose risks to more than just individual users. Find out what security flaws are common in these apps and what they mean for enterprises. Continue Reading
By
- Lena Young, Editorial Assistant
Answer 07 Dec 2018
How did WhatsApp vulnerabilities get around encryption?

WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work and how to prevent them. Continue Reading
By
- Michael Cobb
News 06 Dec 2018
NSO Group's Pegasus spyware linked to Saudi journalist death

Soon after the Pegasus spyware was linked to the death of a Mexican journalist, a new lawsuit alleged the NSO Group and its spyware were also linked to the death of a Saudi journalist. Continue Reading
By
- Michael Heller, TechTarget
Answer 06 Nov 2018
How does the public Venmo API pose a threat for users?

The public Venmo API setting puts users at risk by providing detailed insight into their transactions and personal lives. Expert Michael Cobb discusses the risks of public APIs. Continue Reading
By
- Michael Cobb
Answer 12 Sep 2018
How does Android Protected Confirmation provide security for users?

Android P integrates Android Protected Confirmation, which provides sufficient trust in the authentication process. Learn more about this new feature with expert Michael Cobb. Continue Reading
By
- Michael Cobb
Answer 10 Sep 2018
How does the Android Rowhammer exploit affect users?

Android Rowhammer is a hardware weakness in older devices that puts users at risk of remote exploits. Expert Michael Cobb explains why it's important to upgrade to newer devices. Continue Reading
By
- Michael Cobb
News 07 Sep 2018
Another mSpy leak exposed millions of sensitive user records

News roundup: An mSpy leak has again exposed millions of customer records on the internet. Plus, the FIDO Alliance launched a biometrics certification, and more. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 27 Aug 2018
How does Google's new detection model find bad Android apps?

Malicious apps have been a consistent problem for the Google Play Store, so a new detection model has been released to help clean it up. Learn how this system works with Nick Lewis. Continue Reading
By
- Nick Lewis
Answer 20 Aug 2018
How does an IMSI catcher exploit SS7 vulnerabilities?

A warning was issued by the Department of Homeland Security regarding the exploitation of SS7 vulnerabilities by IMSI catchers. Learn how this puts mobile communication at risk. Continue Reading
By
- Judith Myerson
Answer 15 Aug 2018
Skygofree Trojan: What makes this spyware unique?

Android malware was discovered by Kaspersky Labs and named Skygofree. This Trojan targets smartphones and tablets using spyware and gathers user information and app data. Continue Reading
By
- Nick Lewis
News 14 Aug 2018
Google location tracking continues even when turned off

New research has discovered mobile apps may still store where users have been even after Google location-tracking services have been turned off. Continue Reading
By
- Michael Heller, TechTarget
News 10 Aug 2018
WhatsApp vulnerabilities let hackers alter messages

News roundup: New WhatsApp vulnerabilities enabled hackers to alter messages sent in the app. Plus, the PGA was hit with a ransomware attack, and more. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 08 Aug 2018
How do SDKs for ad networks cause data leaks?

SDKs made user data susceptible to security vulnerabilities in mobile apps. Expert Michael Cobb explains how this security vulnerability put user data at risk. Continue Reading
By
- Michael Cobb
Tip 07 Aug 2018
Four new Mac malware strains exposed by Malwarebytes

Mac platforms are at risk after Malwarebytes discovered four new Mac malware strains. Learn how to protect your enterprise and how to mitigate these attacks with expert Nick Lewis. Continue Reading
By
- Nick Lewis
Tip 25 Jul 2018
Combat mobile device security threats at home and abroad

Employees that travel for business face a higher risk of a mobile security breach. Take these steps to ensure that your mobile device fleet is secure. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Answer 20 Jul 2018
Trojan.AndroidOS.Loapi: What is this jack-of-all-trades malware?

Kaspersky researchers found a new Android malware that can physically harm phones. Learn how this works and the steps to mitigate the attack with expert Nick Lewis. Continue Reading
By
- Nick Lewis
Podcast 11 Jul 2018
Risk & Repeat: New concerns about smartphone spying

In this week's Risk & Repeat podcast, SearchSecurity editors discuss research that shows some Android apps record video of users' screens without permission or notifications. Continue Reading
By
- Rob Wright, Senior News Director
News 06 Jul 2018
Researchers discover Android apps spying on users' screens

News roundup: Academic researchers discover Android apps secretly recording and sharing video of users' screens. Plus, an NSO Group employee lands in hot water, and more. Continue Reading
By
- Rob Wright, Senior News Director
News 03 Jul 2018
RAMpage attack unlikely to pose real-world risk, expert says

The RAMpage attack against the Rowhammer vulnerability in Android devices is theoretically possible, but it may be more academic than it is a practical concern, one expert said. Continue Reading
By
- Michael Heller, TechTarget
Feature 03 Jul 2018
How to manage security threats to mobile devices

As mobile device security threats increase, IT administrators should know what they are up against and develop strategies to secure mobile devices from cyber attacks. Continue Reading
By
- Kristen Gloss
Answer 12 Jun 2018
Fake WhatsApp app: How can counterfeit apps be avoided?

After a fake WhatsApp app was discovered in the Google Play Store, users are questioning what can be done to avoid counterfeit apps. Learn several techniques with Nick Lewis. Continue Reading
By
- Nick Lewis
Answer 04 Jun 2018
How bad is the iBoot source code leak for Apple security?

The iBoot source code on Apple devices was leaked to the public on GitHub. Expert Michael Cobb explains how it happened and what the implications are for iOS security. Continue Reading
By
- Michael Cobb
Tip 29 May 2018
Desktop and mobile malware detection takes on high priority

End-user computing professionals must embrace modern Windows and mobile malware protection technologies to defend against ransomware and other attacks. Continue Reading
By
- Colin Steele
News 22 May 2018
North Korean hackers linked to Google Play spyware

The 'Sun Team' group of North Korean hackers placed malicious apps in the Google Play store to target defectors and steal personal data such as photos, contacts and SMS messages. Continue Reading
By
- Peter Loshin, Former Senior Technology Editor
Answer 02 May 2018
How were Android Pixel vulnerabilities exploited?

Android Pixel vulnerabilities could open the smartphone up to attack. Expert Michael Cobb explains the vulnerabilities and how to defend against them. Continue Reading
By
- Michael Cobb
Answer 15 Mar 2018
Com.google.provision virus: How does it attack Android devices?

The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common Malware Enumeration may help. Continue Reading
By
- Nick Lewis
Answer 12 Mar 2018
ExpensiveWall malware: How does this SMS attack function?

A new SMS malware known as ExpensiveWall was recently discovered by Check Point. Learn how it infects devices and puts Android device users at risk with expert Nick Lewis. Continue Reading
By
- Nick Lewis
Answer 09 Mar 2018
How can improper certificate pinning be stopped by the Spinner tool?

Researchers developed a tool to help prevent improper certificate pinning that causes security issues. Expert Michael Cobb reviews the issue and the Spinner tool. Continue Reading
By
- Michael Cobb
Answer 07 Mar 2018
How can users deal with app trackers that collect customer data?

App trackers were found in hundreds of Google Play apps. Expert Michael Cobb explains the threat they pose and how GDPR has the potential to reduce the risk. Continue Reading
By
- Michael Cobb
Answer 06 Mar 2018
How does Tizi spyware affect Android apps?

Android apps affected by Tizi spyware were found in the Google Play Store by Google's Play Protect team. Expert Michael Cobb reviews the threat and how it was fixed. Continue Reading
By
- Michael Cobb
Answer 05 Mar 2018
How can IT reduce smartphone viruses?

It's important for organizations to stay current on what's new in mobile malware and to develop security policies to combat these vulnerabilities. Continue Reading
By
- Matt Schulz
News 09 Feb 2018
Apple's confidential iBoot source code leaked online

News roundup: Apple's highly protected iBoot source code was leaked online. Plus, the U.S. Consumer Financial Protection Bureau stops its Equifax breach investigation, and more. Continue Reading
By
- Madelyn Bacon, TechTarget
Tip 08 Feb 2018
Mobile security issues require a unified approach

Security gaps in mobile devices can be many and varied, but they must be addressed immediately. Unified endpoint management is the next-gen way to close the gaps. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Tip 08 Feb 2018
Counter mobile device security threats with unified tools

Attacks on enterprise mobile endpoints are more lethal than ever. To help infosec pros fight back, enterprise mobile management has unified to fortify defenses. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Answer 30 Jan 2018
CopyCat malware: How does this Android threat operate?

Check Point researchers discovered new Android malware named CopyCat, which has infected 14 million devices. Learn how this malware works and how it spread from expert Nick Lewis. Continue Reading
By
- Nick Lewis
Answer 22 Jan 2018
How can you use perfect forward secrecy for mobile security?

How can companies increase data protection in mobile communications environments and enhance perfect forward secrecy to safeguard user activity? Continue Reading
By
- Amy Larsen DeCarlo, GlobalData
Answer 12 Jan 2018
What went wrong with the Dirty COW vulnerability patch?

A patch was issued for the Dirty COW vulnerability, but researchers later discovered problems with the patch. Expert Judith Myerson explains what went wrong. Continue Reading
By
- Judith Myerson
Feature 05 Jan 2018
Six questions to ask before buying enterprise MDM products

Mobile device management can be a crucial part of enterprise security. Expert Matt Pascucci presents the key questions to ask when investigating MDM products. Continue Reading
By
- Matthew Pascucci
Feature 04 Jan 2018
Three enterprise scenarios for MDM products

Expert Matt Pascucci outlines three enterprise uses cases for mobile device management products to see how they can protect users, devices and corporate data. Continue Reading
By
- Matthew Pascucci
Answer 04 Jan 2018
Android bootloader: How does it work and what is the risk?

Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk these vulnerabilities present. Continue Reading
By
- Kevin Beaver, Principle Logic, LLC
Answer 07 Dec 2017
BlueBorne vulnerabilities: Are your Bluetooth devices safe?

Armis Labs discovered a series of vulnerabilities that enables remote connection to Bluetooth devices. Learn more about the BlueBorne vulnerabilities with expert Matt Pascucci. Continue Reading
By
- Matthew Pascucci
Feature 01 Dec 2017
CISOs take notice as GPS vulnerabilities raise alarms

GPS has been extraordinarily reliable, but there's a growing chorus of experts who say it's time to assess GPS security and consider protective strategies. Continue Reading
By
- Alan R. Earls
Podcast 15 Nov 2017
Risk & Repeat: App store security measures falling short

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent discovery of a fake WhatsApp app in the Google Play Store and what that means for app store security. Continue Reading
By
- Rob Wright, Senior News Director
News 08 Nov 2017
Android KRACK flaw patched in latest security update

The latest security release from Google patched the Android KRACK vulnerability affecting Wi-Fi's WPA2 protocol, but update confusion leaves users unsure if they are safe. Continue Reading
By
- Michael Heller, TechTarget
Answer 08 Nov 2017
WireX botnet: How did it use infected Android apps?

To avoid a mobile device catastrophe, several large tech organizations came together to stop the WireX botnet. Learn how this Android botnet with 300 infected apps was stopped. Continue Reading
By
- Matthew Pascucci
News 03 Nov 2017
Researchers hack iOS 11 at Mobile Pwn2Own 2017

Security researchers competing at Mobile Pwn2Own 2017 used multiple vulnerabilities to hack iOS 11 in order to execute code and win prizes. Continue Reading
By
- Michael Heller, TechTarget
Answer 16 Oct 2017
How does Google Play Protect aim to improve Android security?

Google's new security platform, Google Play Protect, looks to decrease Android app security threats through machine learning. Michael Cobb explains how the new platform works. Continue Reading
By
- Michael Cobb
News 29 Sep 2017
Proof-of-concept iOS exploit released by Google's Project Zero

Google's Project Zero released a proof-of-concept iOS exploit similar to the Broadpwn Wi-Fi flaw that could allow an attacker to run code or implant a backdoor. Continue Reading
By
- Michael Heller, TechTarget
Answer 27 Sep 2017
PINLogger: How does this exploit steal PINs?

The proof-of-concept PINLogger attack exploits mobile device sensors to steal PINs. Nick Lewis explains how the attack works and offers advice on how to stop it. Continue Reading
By
- Nick Lewis
News 22 Sep 2017
Users plagued by iOS app security issues, according to new research

News roundup: Researchers uncovered a large number of iOS app security risks. Plus, Viacom exposed its critical data through a misconfigured AWS S3 bucket, and more. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 13 Sep 2017
How can memory corruption attacks threaten smartphones?

Smartphone users could be at risk of memory corruption attacks because of a baseband vulnerability. Expert Michael Cobb explains the attack and how concerned users should be. Continue Reading
By
- Michael Cobb
News 08 Sep 2017
Six new vulnerabilities in Android bootloaders uncovered

News roundup: Researchers used the new BootStomp tool to uncover six vulnerabilities in Android bootloaders. Plus, a new wave of AWS S3 bucket data leaks strikes and more. Continue Reading
By
- Madelyn Bacon, TechTarget
Answer 21 Jun 2017
What are HummingWhale malware's new ad fraud features?

A HummingBad malware variant, HummingWhale, was discovered being spread through 20 apps on the Google Play Store. Expert Nick Lewis explains the malware's new features. Continue Reading
By
- Nick Lewis
Answer 08 Jun 2017
The Apple Notify flaw: How does it allow malicious script injection?

Flaws in the Apple Notify function and iTunes can enable attackers to inject malicious script into the application side. Expert Michael Cobb explains how these vulnerabilities work. Continue Reading
By
- Michael Cobb
Tip 06 Jun 2017
How mobile application assessments can boost enterprise security

Mobile application assessments can help enterprises decide which apps to allow, improving security. Christopher Crowley of the SANS Institute discusses how to use app assessments. Continue Reading
By
- Christopher Crowley
Answer 18 May 2017
What is the SS7 protocol and what are its security implications?

The SS7 protocol has been a source of controversy lately because of its security vulnerabilities. Expert Judith Myerson explains what the protocol is and what its issues are. Continue Reading
By
- Judith Myerson
News 11 May 2017
Android clickjacking attacks possible from Google Play apps

Google implemented clickjacking attack mitigations in Android but left a potential avenue for malicious actors that won't be fixed until Android O is released. Continue Reading
By
- Michael Heller, TechTarget
Answer 26 Apr 2017
How does the boot mode vulnerability in Android work?

A boot mode vulnerability allowed attackers to eavesdrop on calls made on certain Android devices. Expert Judith Myerson explains how the complex exploit works. Continue Reading
By
- Judith Myerson
Answer 03 Apr 2017
How did firmware create an Android backdoor in budget devices?

An Android backdoor was discovered in the Ragentek firmware used in almost three million low-cost devices. Expert Michael Cobb explains how to prevent attacks on affected devices. Continue Reading
By
- Michael Cobb
Answer 30 Mar 2017
How did vulnerabilities in AirWatch Agent and Inbox work?

Flaws in AirWatch Agent and AirWatch Inbox allowed rooted devices to bypass the software's security measures. Expert Matthew Pascucci explains how these vulnerabilities worked. Continue Reading
By
- Matthew Pascucci
Answer 07 Mar 2017
How can the Dirty COW vulnerability be used to attack Android devices?

A copy-on-write vulnerability known as 'Dirty COW' was found in the Linux kernel of Android devices. Expert Michael Cobb explains the risks of this attack. Continue Reading
By
- Michael Cobb
Answer 07 Feb 2017
How did a Signal app bug let attackers alter encrypted attachments?

The Signal app, used for end-to-end encrypted mobile messaging, contained a bug that allowed data to be added to attachments. Expert Michael Cobb explains the flaw. Continue Reading
By
- Michael Cobb
Answer 04 Jul 2016
How can the AirDroid app phone hijacking be prevented?

A vulnerability in the AirDroid device manager app left users at risk of phone hijacking. Expert Michael Cobb explains how the exploit works, and what can be done to prevent it. Continue Reading
By
- Michael Cobb
Answer 01 Oct 2015
How can power consumption-tracking malware be avoided?

Malware authors are using power consumption tracking-malware to eavesdrop on and attack mobile devices. Expert Nick Lewis explains the threat and how to defend against it. Continue Reading
By
- Nick Lewis
Answer 13 Aug 2015
How can I mitigate the risks of alternative Android browsers?

Expert Michael Cobb explains the security risks surrounding alternative Web browsers, as well as approaches enterprises can take to prevent BYOD employees from using them. Continue Reading
By
- Michael Cobb
News 03 Mar 2015
Amid Apple Pay fraud, banks scramble to fix Yellow Path process

Banks are rushing to fix sloppy authentication processes at the heart of rising Apple Pay fraud. Experts also worry about potential fraud with other mobile payment systems. Continue Reading
By
- Michael Heller, TechTarget