Mobile Security

payments with Apple Pay and Visa

Experts showed fraudulent payments from a locked iPhone with Apple Pay and a Visa card

Scientists talked about how to make fraudulent payments using Apple Pay with a Visa card on a locked iPhone. This…

Encryption algorithms for 2G networks have been intentionally weakened

A group of scientists from several European universities published a report on encryption algorithms for 2G networks, which many information…

Google stopped trying to shorten URLs in the address bar

Google’s experiment with attempt to shorten URLs (hiding parts of the URL from the address bar) has finally failed and…

Quantum computers will be able to hack bitcoin wallets

Experts argue that quantum computers will be able to hack bitcoin wallets, but the most advanced cryptographers are in a…

Six 0-day vulnerabilities fixed in Windows, including a commercial exploit issue

As part of June Patch Tuesday, 50 vulnerabilities in Microsoft products were fixed, including six 0-day vulnerabilities in Windows. Vulnerabilities…

browsers are vulnerable to url spoofing

Experts discovered that many mobile browsers are vulnerable to url spoofing

Rapid7 analysts and independent information security expert Rafay Baloch discovered that seven popular mobile browsers are vulnerable to url spoofing. They allow malicious sites to change the URL and display…

MalLocker ransomware tricks Russians

MalLocker ransomware easily tricks Russians, pretending to be a screen lock from the police

Microsoft experts talked about the new Android ransomware AndroidOS/MalLocker. (hereinafter simply MalLocker), which easily tricks Russians by pretending to be a screen lock from the police. Android ransomware abuses the…

Cellmate chastity belts vulnerable

Cellmate men’s chastity belts are vulnerable to attacks and dangerous for users

Pen Test Partners analysts have studied an extremely unusual device: the Cellmate male chastity belts, manufactured by the Chinese company Qiui. So Cellmate chastity belts turned out to be quite…

Google recruits a team of experts

Google recruits a team of experts to find bugs in Android applications

ZDNet reports that a number of new positions have been added to Google’s job list. The fact is that Google appears to be recruiting a team of Android security experts…

TikTok multi-factor authentication

Attackers can bypass TikTok multi-factor authentication through the site

Journalists of the ZDNet publication, citing one of their readers, report that the web version of TikTok did not receive multi-factor authentication (via mail and SMS), which developers established for…

Microsoft left Bing open

Microsoft left open one of the internal servers of the search engine Bing

Ata Hakcil, cyber security specialist at WizCase, discovered that Microsoft employees mistakenly left one of the Bing backend servers open – it was available to anyone. The researcher writes that…

SpiKey allows opening lock

SpiKey technique allows opening the lock by recording a sound of a turning key

Scientists from the National University of Singapore have published a report on the interesting SpiKey technique that allows opening a lock. They argue that having overheard and recorded the sound…

ReVoLTE attack on LTE networks

ReVoLTE attack allows overhearing other people’s conversations in LTE networks

Experts from the Ruhr University and New York University in Abu Dhabi have published information about the ReVoLTE attack, which allows decrypting and overhearing other people’s conversations on LTE networks.…

Citrix expects attacks on XenMobile

Citrix expects attacks on fresh issues in XenMobile

Citrix engineers released a number of Citrix Endpoint Management patches this week. Citrix expects attacks on XenMobile Server corporate mobile device management systems. These issues give an attacker the ability…

Garmin paid ransom to the WastedLocker

Media Reports that Garmin Paid Ransom to WastedLocker Malware Operators

In July 2020, Garmin, the manufacturer of wearable electronics and navigation equipment, suffered from a cyberattack and was forced to temporarily shut down a number of services. Now there is…

Vulnerabilities in Old GTP

Vulnerabilities in old GTP protocol could affect 4G and 5G networks

Experts cautioned that vulnerabilities in the old GTP (GPRS Tunneling Protocol) could quite seriously affect the operation of 4G and 5G networks. In reports published last week and in December…

COVID-19 Contact Tracking Apps

Fake COVID-19 contact tracking apps install banking trojans

Researchers from California-based IS company Anomali have discovered 12 fake COVID-19 patient contact tracking apps posing as official programs. Attackers are actively exploiting the panic around the coronavirus pandemic to…