Information Security and Mobile - Cyber Security Informer

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Security Affairs

SEPTEMBER 26, 2021

German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers.

Information Security

Information Security Mobile Manufacturing Encryption

Mobile virtual network operator Mint Mobile discloses a data breach

Security Affairs

DECEMBER 23, 2023

Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors.

Mobile

Mobile Data breaches Wireless Data collection

Ukraine President enforces Information Security Strategy

CyberSecurity Insiders

DECEMBER 29, 2021

Amid extreme concerns related to cyber warfare from Russia, Ukraine’s President Volodymyr Zelensky announced a new information security strategy policy was launched and came into effect early this week. The post Ukraine President enforces Information Security Strategy appeared first on Cybersecurity Insiders.

Information Security

Information Security Cryptocurrency Scams Cyber Attacks

750 million Indian mobile subscribers’ data offered for sale on dark web

Security Affairs

JANUARY 30, 2024

Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January.

Mobile

Mobile Identity Theft Cybercrime Cyber Attacks

Rethinking the Status Quo of Mobile App Security

Security Boulevard

APRIL 19, 2023

Most executives view mobile applications as a crucial component of their organization’s business strategy. Mobile apps help companies generate revenue, engage with customers and create new business opportunities. The post Rethinking the Status Quo of Mobile App Security appeared first on Security Boulevard.

Mobile

Mobile Accountability CISO Information Security

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. Los Angeles-based electric car-sharing provider Blink Mobility left a misconfigured MongoDB database open to the public.

Mobile

Mobile Identity Theft Passwords Phishing

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Mobile

Mobile Government Data collection Antivirus

T-Mobile suffered a new data breach

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. ” a T-Mobile Spokesperson told BleepingComputer.

Data breaches

Data breaches Mobile Wireless Accountability

Californian IT company DNA Micro leaks private mobile phone data

Security Affairs

OCTOBER 18, 2023

IMEI is a unique number assigned to each mobile device and is used to identify a device on a mobile network. If that happens, it can cause disruptions to the mobile service of the device. The leak also increases the risk of malware attacks, as exposed information about phone models could be exploited by threat actors.

Mobile

Mobile Phishing Manufacturing Risk

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Cyber Attacks

Cyber Attacks Mobile Telecommunications Internet

Google announced its Mobile VRP (vulnerability rewards program)

Security Affairs

MAY 23, 2023

Google introduced Mobile VRP (vulnerability rewards program), a new bug bounty program for reporting vulnerabilities in its mobile applications. Google announced a new bug bounty program, named Mobile VRP (vulnerability rewards program), that covers its mobile applications. We are in the final!

Mobile

Mobile Hacking Accountability Cybersecurity

Attackers can discover IP address by sending a link over the Skype mobile app

Security Affairs

AUGUST 28, 2023

A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that is possible to discover a target’s IP address by sending a link over the Skype mobile app. The problem only impacts the Skype mobile app.

Mobile

Mobile Media VPN Risk

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

Security Affairs

JULY 10, 2021

Mint Mobile discloses a data breach, an unauthorized attacker gained access to subscribers’ account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States.

Mobile

Mobile Data breaches Telecommunications Passwords

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild

Security Affairs

JULY 30, 2023

Software firm Ivanti disclosed another security vulnerability impacting Endpoint Manager Mobile (EPMM), that it said actively exploited. “A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core.” ” reads the advisory published by the company.

Mobile

Mobile Authentication Software Government

French telephone operator La Poste Mobile suffered a ransomware attack

Security Affairs

JULY 10, 2022

French virtual mobile telephone operator La Poste Mobile was hit by a ransomware attack that impacted administrative and management services. . The ransomware attack hit the virtual mobile telephone operator La Poste Mobile on July 4 and paralyzed administrative and management services. . Who is behind the attack?

Mobile

Mobile Ransomware Identity Theft Phishing

T-Mobile confirms Lapsus$ had access its systems

Security Affairs

APRIL 23, 2022

Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. Telecom company T-Mobile on Friday revealed that LAPSUS$ extortion gang gained access to its networks. ” LAPSUS$ leader White/Lapsus Jobs looking up the Department of Defense in T-Mobile’s internal Atlas system.

Mobile

Mobile VPN Social Engineering Telecommunications

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

Security Affairs

DECEMBER 5, 2022

Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. Later, cybercriminals successfully applied the same approach to mobile devices, because modern digital payments are extremely interconnected when it comes to mobile applications used by consumers. .

Mobile

Mobile Malware Banking Retail

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

Security Affairs

DECEMBER 30, 2020

T-Mobile has disclosed a data breach that exposed customers’ network information (CPNI), including phone numbers and calls records. T-Mobile has disclosed a data breach exposing customers’ account’s information. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Data breaches

Data breaches Mobile Telecommunications Wireless

T-Mobile confirms data breach that exposed customer personal info

Security Affairs

AUGUST 16, 2021

T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. ” states an incident update published by the company.

Data breaches

Data breaches Mobile Telecommunications Wireless

Android mobile devices from top vendors in China have pre-installed malware

Security Affairs

FEBRUARY 9, 2023

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. The apps were designed to exfiltrate user and device information in a stealthy way, including system info, geolocation, user profile, social relationships, and call history.

Mobile

Mobile Malware Surveillance Spyware

Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited

Security Affairs

OCTOBER 26, 2022

Cisco warns of active exploitation attempts targeting two vulnerabilities in the Cisco AnyConnect Secure Mobility Client for Windows. Cisco is warning of exploitation attempts targeting two security flaws, tracked as CVE-2020-3153 (CVSS score: 6.5) Both vulnerabilities are dated 2020 and are now patched. Pierluigi Paganini.

Mobile

Mobile Authentication Hacking Risk

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Security Affairs

AUGUST 11, 2020

A researcher found multiple flaws in Samsung’s Find My Mobile that could have been chained to perform various malicious activities on Samsung Galaxy Phones. ” reads the report published by the security firm. The [Find My Mobile] application should not have arbitrary components publicly available and in an exported state.

Mobile

Mobile Hacking Advertising Cybersecurity

Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

Security Affairs

JULY 10, 2023

Resecurity identified the emergence of adversarial mobile Android-based Antidetect Tooling for Mobile OS-Based Fraud. Resecurity has identified the emergence of adversarial mobile Android-based tools (called “mobile anti-detects”), like Enclave and McFly, as a new frontier in fraud tradecraft evolution.

Mobile

Mobile Banking Firmware Software

T-Mobile data breach has impacted 48.6 million customers

Security Affairs

AUGUST 18, 2021

T-Mobile has confirmed that hackers have stolen records belonging to 48.6 Recently T-Mobile has launched an investigation into a possible security breach after a threat actor started offering for sale 100 million T-Mobile customer records on the dark web. The post T-Mobile data breach has impacted 48.6

Data breaches

Data breaches Mobile Telecommunications Wireless

Fake mobile version of Cyberpunk 2077 spreads ransomware

Security Affairs

DECEMBER 18, 2020

It is not the first time that threat actors attempt to exploit the interest of the gamers into new video games like has happened with mobile versions of the popular Fortnite back in 2028. The post Fake mobile version of Cyberpunk 2077 spreads ransomware appeared first on Security Affairs. "CyberPunk2077.sfx.exe"

Mobile

Mobile Ransomware Encryption Malware

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile

Mobile Telecommunications Data breaches Identity Theft

T-Mobile data breach could be worse than initially thought, 54 million customers impacted

Security Affairs

AUGUST 22, 2021

T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially thought, according to an update to the investigation over 54 million customers had their data compromised. Pierluigi Paganini.

Data breaches

Data breaches Mobile Accountability Phishing

Adobe fixes flaws in Connect and Reader Mobile

Security Affairs

NOVEMBER 10, 2020

Adobe addressed vulnerabilities in its Reader Mobile and Connect products, none of them is rated as critical severity. Adobe has released security patches to address vulnerabilities in its Reader Mobile and Connect products. ” reads the security advisory published by the company. Pierluigi Paganini.

Mobile

Mobile Banking Hacking Software

Hackers gained access to T-Mobile customers and employee personal info

Security Affairs

MARCH 5, 2020

New problems for the wireless carrier T-Mobile that disclosed a data breach that exposed some of the customers’ personal information. The wireless carrier T-Mobile was victims of a sophisticated cyber attack that targeted its email vendor. The company declared that it is not aware of abuses of the exposed information.

Mobile

Mobile Data breaches Telecommunications Wireless

Threat actor is selling a dump allegedly including 2,5M customers of service provider Ho Mobile

Security Affairs

DECEMBER 28, 2020

Threat intelligence analyst discovered a threat actor that is selling a database of the Italian mobile service provider Ho mobile. Ho mobile is an Italian mobile telephone service offered by Vodafone Enabler Italia, an Italian virtual mobile telephone operator. ” Bank Security told me.

Mobile

Mobile Banking Data breaches Phishing

Which are the most dangerous mobile app stores online?

Security Affairs

FEBRUARY 28, 2020

An interesting report published by RiskIQ on 2019 Mobile App Threat Landscape, lists the most dangerous mobile app store online. Mobile users downloaded over 200 billion apps in 2019 and the overall expense in app stores worldwide has been estimated in more than $120 billion. appeared first on Security Affairs.

Mobile

Mobile Advertising Cybercrime Phishing

JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals

Security Affairs

APRIL 13, 2022

Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. According to a US CISA advisory, the successful exploitation of these flaws could cause a denial-of-service condition, allow full control of robot functions, or expose sensitive information.

Mobile

Mobile Hacking Firmware Surveillance

BSides Tampa 2021 – Buddy Smith’s ‘Mobile Penetration Testing Hybrid’

Security Boulevard

JUNE 15, 2021

The post BSides Tampa 2021 – Buddy Smith’s ‘Mobile Penetration Testing Hybrid’ appeared first on Security Boulevard. Our thanks to BSides Tampa for publishing their outstanding videos on the organization's YouTube channel. Enjoy the Education!

Penetration Testing

Penetration Testing Mobile Education InfoSec

Threat actor claims to be selling data of more than 100 million T-Mobile customers

Security Affairs

AUGUST 15, 2021

T-Mobile is investigating a possible data breach after a threat actor published a post on a forum claiming to be selling the personal data of its customers. The seller told Motherboard that the data was obtained by compromising multiple servers related to T-Mobile. ” Follow me on Twitter: @securityaffairs and Facebook.

Mobile

Mobile Data breaches Telecommunications Hacking

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Security Affairs

JUNE 16, 2020

Wireless carrier T-Mobile suffered a major outage in the United States, that impacted service at other carriers, due to a “massive” DDoS attack. Wireless carrier T-Mobile suffered a massive DDoS attack that caused a major outage in the United States that impacted service at other carriers due to a “massive” DDoS attack.

DDOS

DDOS Mobile Wireless Advertising

Roaming Mantis uses new DNS changer in its Wroba mobile malware

Security Affairs

JANUARY 22, 2023

Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors using an updated variant of their mobile malware Wroba to compromise Wi-Fi routers and hijack DNS settings.

DNS

DNS Mobile Malware Hacking

DEF CON 31 XR Village – Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’

Security Boulevard

DECEMBER 10, 2023

Permalink The post DEF CON 31 XR Village – Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’ appeared first on Security Boulevard. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada ; via the organizations YouTube channel.

Mobile

Mobile Architecture Education Information Security

T-Mobile discloses data breach affecting prepaid wireless customers

Security Affairs

NOVEMBER 22, 2019

Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident. The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service. Pierluigi Paganini.

Wireless

Wireless Data breaches Mobile Telecommunications

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Security Affairs

NOVEMBER 4, 2020

Cisco disclosed a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software and the availability of PoC exploit code. Cisco has disclosed a zero-day vulnerability, tracked as CVE-2020-3556, in the Cisco AnyConnect Secure Mobility Client software with the public availability of a proof-of-concept exploit code.

Mobile

Mobile Authentication Advertising Software

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

A threat actor is offering a database apparently belonging to Pakistan’s leading telecom service, it includes data of 44 Million Pakistani mobile users. – Database contains information such as names, addresses, phone numbers, national IDs, and more on over 44,000,000 Pakistanis. Pierluigi Paganini.

Mobile

Mobile Telecommunications Data breaches Advertising

Twitter account of Huawei Mobile Brazil hacked

Security Affairs

DECEMBER 1, 2019

The official Twitter account of Huawei Mobile Brazil has been hacked and attackers have sent offensive messages to the rival Apple. The official Twitter account of Huawei Mobile Brazil has been hacked, attackers have sent offensive messages to provoke the rival Apple. ” reported the Gizchina.com website. Pierluigi Paganini.

Mobile

Mobile Accountability Hacking Wireless

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Security Affairs

JANUARY 25, 2022

Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December. Threat actors are actively exploiting a critical flaw, tracked as CVE-2021-20038 , in SonicWall’s Secure Mobile Access (SMA) gateways addressed by the vendor in December.

Mobile

Mobile Passwords Firmware Firewall

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

Security vulnerabilities in modern communication protocol GTP used by mobile network operators can be exploited by attackers to target 4G/5G users. “The GTP protocol contains a number of vulnerabilities threatening both mobile operators and their clients. ” reads the report published by the experts.

Mobile

Mobile Internet Internet Wireless

Malware found pre-installed in cheap push-button mobile phones sold in Russia

Security Affairs

SEPTEMBER 6, 2021

Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian security researcher that goes online with the name of ValdikSS has found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores.

Mobile

Mobile Malware Firmware Manufacturing

German Federal Office for Information Security (BSI) investigates Chinese mobile phones

Mobile virtual network operator Mint Mobile discloses a data breach

Trending Sources

Ukraine President enforces Information Security Strategy

750 million Indian mobile subscribers’ data offered for sale on dark web

Rethinking the Status Quo of Mobile App Security

Data leak exposes users of car-sharing service Blink Mobility

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

T-Mobile suffered a new data breach

Californian IT company DNA Micro leaks private mobile phone data

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Google announced its Mobile VRP (vulnerability rewards program)

Attackers can discover IP address by sending a link over the Skype mobile app

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wild

French telephone operator La Poste Mobile suffered a ransomware attack

T-Mobile confirms Lapsus$ had access its systems

Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web

T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed

T-Mobile confirms data breach that exposed customer personal info

Android mobile devices from top vendors in China have pre-installed malware

Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud

T-Mobile data breach has impacted 48.6 million customers

Fake mobile version of Cyberpunk 2077 spreads ransomware

T-Mobile customers were hit with SIM swapping attacks

T-Mobile data breach could be worse than initially thought, 54 million customers impacted

Adobe fixes flaws in Connect and Reader Mobile

Hackers gained access to T-Mobile customers and employee personal info

Threat actor is selling a dump allegedly including 2,5M customers of service provider Ho Mobile

Which are the most dangerous mobile app stores online?

JekyllBot:5 flaws allow hacking TUG autonomous mobile robots in hospitals

BSides Tampa 2021 – Buddy Smith’s ‘Mobile Penetration Testing Hybrid’

Threat actor claims to be selling data of more than 100 million T-Mobile customers

T-Mobile suffered a major outage in the US allegedly caused by a massive DDoS attack

Roaming Mantis uses new DNS changer in its Wroba mobile malware

DEF CON 31 XR Village – Whitney Phillips’ ‘Augmented Reality And Implications On Mobile Security’

T-Mobile discloses data breach affecting prepaid wireless customers

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Data belonging 44 Million Pakistani mobile users leaked online

Twitter account of Huawei Mobile Brazil hacked

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Malware found pre-installed in cheap push-button mobile phones sold in Russia

Stay Connected