Android Archives - ThreatsHub Cybersecurity News

Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE

August 8, 2024 TH Author Android, macOS, Windows

Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
The post Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

May 1, 2024 TH Author Android, Credential Theft, remote code execution

Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among other impacts. We have shared our findings with Google’s Android Application Security Research team, as well as the developers of apps found vulnerable to this issue. We anticipate that the vulnerability pattern could be found in other applications. We’re sharing this research more broadly so developers and publishers can check their apps for similar issues, fix as appropriate, and prevent them from being introduced into new apps or releases.
The post “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Social engineering attacks lure Indian users to install Android banking trojans

November 21, 2023 TH Author Android, Credential Theft

Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages and malicious applications designed to impersonate legitimate organizations and steal users’ information for financial fraud scams.
The post Social engineering attacks lure Indian users to install Android banking trojans appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Protecting Android clipboard content from unintended exposure

March 6, 2023 TH Author Android, Cybersecurity, Microsoft, Microsoft security intelligence, Security

Microsoft discovered that the SHEIN Android application periodically read the contents of the Android device clipboard and, if a particular pattern was present, sent the contents of the clipboard to a remote server.
The post Protecting Android clipboard content from unintended exposure appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Vulnerability in TikTok Android app could lead to one-click account hijacking

August 31, 2022 TH Author Android, Cybersecurity, Microsoft, Microsoft security intelligence, Security, TikTok, Vulnerability

Microsoft discovered a high-severity vulnerability in the TikTok Android application, now identified as CVE-2022-28799 and fixed by TikTok, which could have allowed attackers to compromise users’ accounts with a single click.
The post Vulnerability in TikTok Android app could lead to one-click account hijacking appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Toll fraud malware: How an Android application can drain your wallet

June 30, 2022 TH Author Android, Cybersecurity, Microsoft security intelligence, Toll fraud malware

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.
The post Toll fraud malware: How an Android application can drain your wallet appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Android apps with millions of downloads exposed to high-severity vulnerabilities

May 27, 2022 TH Author Android, Cybersecurity, Microsoft, Microsoft security intelligence, Mobile, Security, Vulnerability

Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.
The post Android apps with millions of downloads exposed to high-severity vulnerabilities appeared first on Microsoft Security Blog. READ MORE HERE…

Microsoft Secure

Sophisticated new Android malware marks the latest evolution of mobile ransomware

October 8, 2020 TH Author Android, Cybersecurity, human-operated ransomware, Microsoft security intelligence, mobile malware, mobile threat defense, ransomware

We found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms.
The post Sophisticated new Android malware marks the latest evolution of mobile ransomware appeared first on Microsoft Security. READ MORE HERE…

Networkworld

Amid the pandemic, using trust to fight shadow IT

May 20, 2020 TH Author Android, Hardware, IDG Insider, ios, macOS, Mobile Management, Security, Software, Windows

With most workers scattered at home and trying to come up with their own ad-hoc IT workarounds, there’s an easy way for IT shops to build trust: communicate. (Insider Story) READ MORE HERE…

TrendMicro

This Week in Security News: Adware and Ransomware

January 11, 2019 TH Author adware, Android, Current News, Javascript, Malware, MongoLock, ransomware, Security

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about an adware that disguised itself as different apps and monitors mobile devices. Also, learn more about the different ransomware attacks Trend Micro has been tracking….
The post This Week in Security News: Adware and Ransomware appeared first on . Read More HERE…

← Previous