Krebs on Security

APRIL 10, 2025

China-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. If the visitor supplies that one-time code, their payment card is then added to a new mobile wallet on an Apple or Google device that is physically controlled by the phishers.

Phishing 225

Phishing Banking Mobile Retail 225

Krebs on Security

FEBRUARY 6, 2025

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan.

Risk 280

Risk Artificial Intelligence Mobile Encryption 280

Cisco Security

APRIL 3, 2025

Cisco is the sole supplier of network services to Mobile World Congress, expanding into security and observability, with Splunk.

Mobile 104

Mobile Firewall Cybersecurity 104

Krebs on Security

JANUARY 16, 2025

Those who fall for the scam are asked to provide payment card data, and eventually will be asked to supply a one-time password sent via SMS or a mobile authentication app. Notably, none of the phishing pages will even load unless the website detects that the visitor is coming from a mobile device.

Phishing 296

Phishing Scams Mobile Passwords 296

Krebs on Security

MARCH 21, 2025

states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. If you own a mobile phone, the chances are excellent that at some point in the past two years it has received at least one phishing message that spoofs the U.S. Image: WLVT-8.

Phishing 206

Phishing Mobile Scams Banking 206

SecureList

NOVEMBER 29, 2024

Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. IT threat evolution in Q3 2024 IT threat evolution in Q3 2024.

Mobile 106

Mobile Adware Ransomware Malware 106

Schneier on Security

NOVEMBER 26, 2024

which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.

Media 280

Media Manufacturing Mobile Hacking 280

Malwarebytes

APRIL 3, 2025

Up to one in five of the most popular mobile VPNs for iOS last year are owned by Chinese companies that do their best to hide the fact. Mobile VPNs are apps that connect your smartphone to the internet via different computers around the world. The company developed several mobile apps for Innovative Connecting Pte.

VPN 138

VPN Mobile Government Technology 138

Krebs on Security

DECEMBER 3, 2024

Interisle sources data about cybercrime domains from anti-spam organizations, including the Anti-Phishing Working Group (APWG), the Coalition Against Unsolicited Commercial Email (CAUCE), and the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG).

Cybercrime 280

Cybercrime Phishing Accountability Internet 280

Security Affairs

MARCH 29, 2025

“The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. Crocodilus tricks victims into revealing their seed phrase by displaying a fake warning, then logs the text via Accessibility features to steal and drain crypto wallets.

Banking 67

Banking Mobile Identity Theft Malware 67

Krebs on Security

APRIL 29, 2024

Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers — including AT&T , Sprint , T-Mobile and Verizon — for illegally sharing access to customers’ location information without consent.

Wireless 322

Wireless Mobile Technology 322

Security Affairs

NOVEMBER 25, 2024

” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group. SMS blaster attacks can exploit vulnerabilities in mobile networks and typically require proximity to the targeted devices for localized attacks.

Mobile 123

Mobile Scams Technology Telecommunications 123

Krebs on Security

NOVEMBER 1, 2024

KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California. ” The phony booking.com website generated by visiting the link in the text message.

Phishing 259

Phishing Accountability Artificial Intelligence Cybercrime 259

Security Affairs

OCTOBER 22, 2024

A vulnerability resides in Samsung mobile processors and according to the experts, it has been chained with other vulnerabilities to achieve arbitrary code execution on vulnerable devices. The vulnerability is a use-after-free issue, attackers could exploit the flaw to escalate privileges on a vulnerable Android device.

Firmware 144

Firmware Mobile Spyware Media 144

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing 87

Phishing Mobile Social Engineering Data breaches 87

Malwarebytes

APRIL 3, 2025

Not one but several worried parents that tracked their children by using T-Mobile tracking devices suddenly found that they were looking at the location of random other children. T-Mobile sells a small GPS tracker called SyncUP , which can be used to track, among others, the locations of young children who dont have cell phones yet.

Mobile 100

Mobile Media Surveillance Technology 100

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. ” VMware HCX (Hybrid Cloud Extension) is a workload mobility platform designed to simplify the migration, rebalancing, and continuity of workloads across data centers and clouds.

Authentication 130

Authentication Mobile Hacking Information Security 130

Schneier on Security

NOVEMBER 13, 2024

The mobile scanners on cars are not mapped. DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The post Mapping License Plate Scanners in the US appeared first on Schneier on Security.

Mobile 291

Mobile Surveillance 291

Krebs on Security

DECEMBER 29, 2024

Much of my summer was spent reporting a story about how advertising and marketing firms have created a global free-for-all where anyone can track the daily movements and associations of hundreds of millions of mobile devices , thanks to the ubiquity of mobile location data that is broadly and cheaply available.

Scams 220

Scams Cybercrime Cryptocurrency Social Engineering 220

NSTIC

NOVEMBER 13, 2024

If you are interested in the world of digital identities, you have probably heard some of the buzzwords that have been floating around for a few years now… “verifiable credential,” “digital wallet,” “mobile driver’s license” or “mDL.” But what exactly is a verifiable digital credential?

Insurance 133

Insurance Mobile 133

Security Affairs

APRIL 16, 2025

” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware. .” concludes the report that includes indicators of compromise (IoCs).

Malware 127

Malware Manufacturing Mobile Spyware 127

Security Affairs

APRIL 19, 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit a vulnerability, tracked as CVE-2021-20035 (CVSS score of 7.1), in SonicWall Secure Mobile Access (SMA) since at least January 2025.

Passwords 105

Passwords VPN Firewall Accountability 105

Malwarebytes

FEBRUARY 11, 2025

They started developing entire mobile apps on Android that could provide the same level of theft. These decoy apps are often hosted on less popular mobile app stores, as the protections of the Google Play store often flag and remove these apps, should they ever sneak onto the marketplace. A low number of reviews may signal a decoy app.

Phishing 128

Phishing Passwords Mobile Authentication 128

Security Affairs

APRIL 13, 2025

Cell C is the fourth-largest mobile network operator in South Africa, , after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and international calling, SIM-only plans and device deals.

Data breaches 126

Data breaches Unstructured Data Identity Theft Healthcare 126

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. Crooks typically disguise the malicious code as legitimate mobile apps or video files.

Banking 113

Banking Computers and Electronics Mobile Malware 113

Security Affairs

APRIL 2, 2025

The Triada Trojan was spotted for the first time in 2016 by researchers at Kaspersky Lab who considered it the most advanced mobile threat seen to the date of the discovery. Researchers at Dr.Web discovered the Triada Trojan pre-installed on newly shipped devices of several minor brands, including Advan, Cherry Mobile, Doogee, and Leagoo.

Malware 120

Malware Cryptocurrency Mobile Firmware 120

SecureWorld News

MARCH 31, 2025

Don't overlook mobile and shadow data Modern IT environments extend well beyond servers and cloud storage. Tim Roddy, VP of Product Advocacy at Zimperium, points to a growing blind spot, saying, "Cybercriminals now take on a mobile-first attack strategy targeting mobile devices with sophisticated threats."

Backups 95

Backups Mobile Encryption CISO 95

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 250

Identity Theft Phishing Cryptocurrency Accountability 250

Malwarebytes

APRIL 9, 2025

WhatsApp offers a desktop application for Windows and macOS, which users can synchronize with their mobile devices. Desktop versions of WhatsApp are generally used as extensions of mobile apps rather than primary platforms. WhatsApp has over 3.14

Mobile 113

Mobile Accountability Risk Cybersecurity 113

Malwarebytes

FEBRUARY 27, 2025

Combining official-looking Google search ads with specially-crafted PayPal pay links, makes this scheme particularly dangerous on mobile devices due to their screen size limitation and likelihood of not having security software. There are also security solutions that can block ads and malicious links, such as Malwarebytes for mobile devices.

Scams 113

Scams Mobile Small Business Advertising 113

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. “This suspected data breach reportedly affects Free Mobile and Freebox customers, with the data leak dating back to October 17, 2024, according to the cybercriminals.” Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. ” wrote the cyber evangelist SaxX.

Cyber Attacks 124

Cyber Attacks Telecommunications Data breaches Banking 124

Malwarebytes

FEBRUARY 28, 2025

By definition, stalkerware is a term used to describe the toolssoftware programs and mobile appsthat enable someone to secretly spy on another persons private life via their mobile device. In the past we have written about similar problems with: mSpy , a mobile monitoring app which suffered multiple data breaches.

Mobile 100

Mobile Data breaches Marketing Internet 100

Schneier on Security

MARCH 7, 2025

It runs on a $20 mobile hotspot. The EFF has created an open-source hardware tool to detect IMSI catchers: fake cell phone towers that are used for mass surveillance of an area.

Surveillance 240

Surveillance Mobile 240

IT Security Guru

JANUARY 22, 2025

The Evolving Web Landscape Before we dive into the plugins, let’s look at some website basics that are so crucial in 2025: Mobile-First Indexing: Google loves mobile-friendly websites. Equal attention should be given to both desktop and mobile experiences. Your site needs to be responsive and perform well on all devices.

Artificial Intelligence 117

Artificial Intelligence Backups Mobile Firewall 117

Krebs on Security

OCTOBER 17, 2024

At the same time, AnonSudan announced it was attacking the APIs that power Israel’s widely-used “red alert” mobile apps that warn residents about any incoming rocket attacks in their area. As Hamas fighters broke through the border fence and attacked Israel on Oct. 7, 2023, a wave of rockets was launched into Israel.

DDOS 249

DDOS Government Internet Internet 249

Malwarebytes

APRIL 7, 2025

xin Did you know that Malwarebytes for mobile scans your texts for scams and blocks known malicious sites? Keep threats off your mobile devices by downloading Malwarebytes for iOS , and Malwarebytes for Android today. Indicators of Compromise (IoCs) Domains involved in toll fee scams: com-roadioe[.]cc cc uoshxkdhkz[.]top

Scams 114

Scams Phishing Mobile Internet 114

Schneier on Security

AUGUST 31, 2023

A used government surveillance van is for sale in Chicago: So how was this van turned into a mobile spying center? Well, let’s start with how it has more LCD monitors than a Counterstrike LAN party. They can be used to monitor any of six different video inputs including a videoscope camera.

Surveillance 335

Surveillance Government Mobile Media 335