Krebs on Security

FEBRUARY 6, 2025

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan.

Risk 298

Risk Artificial Intelligence Mobile Encryption 298

Krebs on Security

JANUARY 16, 2025

Those who fall for the scam are asked to provide payment card data, and eventually will be asked to supply a one-time password sent via SMS or a mobile authentication app. Notably, none of the phishing pages will even load unless the website detects that the visitor is coming from a mobile device.

Phishing 300

Phishing Scams Mobile Passwords 300

Krebs on Security

APRIL 10, 2025

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. If the visitor supplies that one-time code, their payment card is then added to a new mobile wallet on an Apple or Google device that is physically controlled by the phishers.

Phishing 242

Phishing Banking Mobile Retail 242

Krebs on Security

MARCH 21, 2025

states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. If you own a mobile phone, the chances are excellent that at some point in the past two years it has received at least one phishing message that spoofs the U.S. Image: WLVT-8.

Phishing 221

Phishing Mobile Scams Banking 221

Security Boulevard

MAY 1, 2025

Zimperium, this week during the 2025 RSA Conference, shared an analysis of mobile computing environments that finds more than 60% of iOS and 34% of Android apps lack basic code protection, with nearly 60% of iOS and 43% of Android apps also vulnerable to leaking personally identifiable information (PII).

Mobile 75

Mobile Malware Cybersecurity 75

Cisco Security

APRIL 3, 2025

Cisco is the sole supplier of network services to Mobile World Congress, expanding into security and observability, with Splunk.

Mobile 110

Mobile Firewall Cybersecurity 110

Webroot

MAY 9, 2025

Photo credit: TextMagic Mobile security checklist Most of us use our phones for everything – banking, shopping, messaging, and storing personal information. Here are some tips to help you strengthen your mobile security against text scams and other types of fraud. Always take a moment to think critically before acting.

Scams 72

Scams Mobile Banking VPN 72

SecureList

NOVEMBER 29, 2024

Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. IT threat evolution in Q3 2024 IT threat evolution in Q3 2024.

Mobile 106

Mobile Adware Ransomware Malware 106

Zero Day

MAY 9, 2025

For the first time, T-Mobile is offering a free iPhone 16 Pro (no trade-in required) when you sign up for their Experience Beyond plan.

Mobile 84

Mobile 84

Schneier on Security

NOVEMBER 26, 2024

which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.

Media 289

Media Manufacturing Mobile Hacking 289

Krebs on Security

DECEMBER 3, 2024

Interisle sources data about cybercrime domains from anti-spam organizations, including the Anti-Phishing Working Group (APWG), the Coalition Against Unsolicited Commercial Email (CAUCE), and the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG).

Cybercrime 296

Cybercrime Phishing Accountability Internet 296

Security Affairs

MARCH 29, 2025

“The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. Crocodilus tricks victims into revealing their seed phrase by displaying a fake warning, then logs the text via Accessibility features to steal and drain crypto wallets.

Banking 71

Banking Mobile Identity Theft Malware 71

Malwarebytes

APRIL 3, 2025

Up to one in five of the most popular mobile VPNs for iOS last year are owned by Chinese companies that do their best to hide the fact. Mobile VPNs are apps that connect your smartphone to the internet via different computers around the world. The company developed several mobile apps for Innovative Connecting Pte.

VPN 141

VPN Mobile Government Technology 141

Krebs on Security

NOVEMBER 1, 2024

KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California. ” The phony booking.com website generated by visiting the link in the text message.

Phishing 273

Phishing Accountability Artificial Intelligence Cybercrime 273

Security Affairs

NOVEMBER 25, 2024

” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group. SMS blaster attacks can exploit vulnerabilities in mobile networks and typically require proximity to the targeted devices for localized attacks.

Mobile 127

Mobile Scams Technology Telecommunications 127

The Last Watchdog

MAY 1, 2025

Approov: Securing cloud-mobile APIs Ted Miracco, CEO of Approov, painted a vivid picture of modern mobile risk: Your mobile app is under attack the moment it talks to the cloud especially over public Wi-Fi. The moment an intruder touches one, high-fidelity alerts are triggered. Approovs solution?

Mobile 189

Mobile Government CISO Technology 189

Krebs on Security

APRIL 29, 2024

Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers — including AT&T , Sprint , T-Mobile and Verizon — for illegally sharing access to customers’ location information without consent.

Wireless 328

Wireless Mobile Technology 328

Security Affairs

OCTOBER 22, 2024

A vulnerability resides in Samsung mobile processors and according to the experts, it has been chained with other vulnerabilities to achieve arbitrary code execution on vulnerable devices. The vulnerability is a use-after-free issue, attackers could exploit the flaw to escalate privileges on a vulnerable Android device.

Firmware 145

Firmware Mobile Spyware Media 145

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing 87

Phishing Mobile Social Engineering Data breaches 87

Krebs on Security

DECEMBER 29, 2024

Much of my summer was spent reporting a story about how advertising and marketing firms have created a global free-for-all where anyone can track the daily movements and associations of hundreds of millions of mobile devices , thanks to the ubiquity of mobile location data that is broadly and cheaply available.

Scams 238

Scams Cybercrime Cryptocurrency Social Engineering 238

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. ” VMware HCX (Hybrid Cloud Extension) is a workload mobility platform designed to simplify the migration, rebalancing, and continuity of workloads across data centers and clouds.

Authentication 134

Authentication Mobile Hacking Information Security 134

Schneier on Security

NOVEMBER 13, 2024

The mobile scanners on cars are not mapped. DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The post Mapping License Plate Scanners in the US appeared first on Schneier on Security.

Mobile 301

Mobile Surveillance 301

Malwarebytes

APRIL 3, 2025

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. T-Mobile sells a small GPS tracker called SyncUP , which can be used to track, among others, the locations of young children who dont have cell phones yet.

Mobile 108

Mobile Media Surveillance Technology 108

NSTIC

NOVEMBER 13, 2024

If you are interested in the world of digital identities, you have probably heard some of the buzzwords that have been floating around for a few years now… “verifiable credential,” “digital wallet,” “mobile driver’s license” or “mDL.” But what exactly is a verifiable digital credential?

Insurance 133

Insurance Mobile 133

Malwarebytes

FEBRUARY 11, 2025

They started developing entire mobile apps on Android that could provide the same level of theft. These decoy apps are often hosted on less popular mobile app stores, as the protections of the Google Play store often flag and remove these apps, should they ever sneak onto the marketplace. A low number of reviews may signal a decoy app.

Phishing 133

Phishing Passwords Mobile Authentication 133

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. Crooks typically disguise the malicious code as legitimate mobile apps or video files.

Banking 118

Banking Computers and Electronics Mobile Malware 118

Security Affairs

APRIL 19, 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit a vulnerability, tracked as CVE-2021-20035 (CVSS score of 7.1), in SonicWall Secure Mobile Access (SMA) since at least January 2025.

Passwords 110

Passwords VPN Firewall Accountability 110

Zero Day

MAY 15, 2025

The Lenovo Tab M9 is a solid tablet for watching shows and movies. The best part? It's very affordable.

Mobile 78

Mobile 78

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 265

Identity Theft Phishing Cryptocurrency Accountability 265

Malwarebytes

FEBRUARY 27, 2025

Combining official-looking Google search ads with specially-crafted PayPal pay links, makes this scheme particularly dangerous on mobile devices due to their screen size limitation and likelihood of not having security software. There are also security solutions that can block ads and malicious links, such as Malwarebytes for mobile devices.

Scams 120

Scams Mobile Small Business Advertising 120

Malwarebytes

MAY 1, 2025

Google said attackers are having less success targeting browsers and mobile operating systems. In particular, exploitation of browsers and mobile devices was far lower this year than last. In 2022, it found 63 zero-day exploits, and the year before that it was 95, but 2019 and 2020 both showed just 31 zero-day exploits each.

Spyware 89

Spyware Mobile Technology Government 89

Security Affairs

APRIL 16, 2025

” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware. .” concludes the report that includes indicators of compromise (IoCs).

Malware 131

Malware Manufacturing Mobile Spyware 131

Malwarebytes

FEBRUARY 28, 2025

By definition, stalkerware is a term used to describe the toolssoftware programs and mobile appsthat enable someone to secretly spy on another persons private life via their mobile device. In the past we have written about similar problems with: mSpy , a mobile monitoring app which suffered multiple data breaches.

Mobile 106

Mobile Data breaches Marketing Internet 106

Krebs on Security

OCTOBER 17, 2024

At the same time, AnonSudan announced it was attacking the APIs that power Israel’s widely-used “red alert” mobile apps that warn residents about any incoming rocket attacks in their area. As Hamas fighters broke through the border fence and attacked Israel on Oct. 7, 2023, a wave of rockets was launched into Israel.

DDOS 267

DDOS Government Internet Internet 267

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. “This suspected data breach reportedly affects Free Mobile and Freebox customers, with the data leak dating back to October 17, 2024, according to the cybercriminals.” Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. ” wrote the cyber evangelist SaxX.

Cyber Attacks 129

Cyber Attacks Telecommunications Data breaches Banking 129

The Hacker News

MAY 8, 2025

SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution.

VPN 97

VPN Mobile Authentication 97

Schneier on Security

MARCH 7, 2025

It runs on a $20 mobile hotspot. The EFF has created an open-source hardware tool to detect IMSI catchers: fake cell phone towers that are used for mass surveillance of an area.

Surveillance 249

Surveillance Mobile 249