Mobile InfoSec Industry News
Click here to subscribe to the monthly newsletter!
Powerful Android Spyware Discovered
Security researchers have discovered one of the most powerful and highly advanced Android spyware tools that gives hackers full control of infected devices remotely. Named Skygofree, the spyware has been designed for target surveillance, and is believed to have been targeting a large number of users for the past four years. The malware is being distributed through fake web pages mimicking leading mobile network operators including Whatsapp. | Read article.
First of its Kind Kotlin-written Malware Found in Google Play Store
Researchers have discovered a new malware application written in the Kotlin programming language, the first of its kind to be found. Kotlin is used for popular websites such as Twitter and Netflix. The app named Swift Cleaner, was found in the Google Play Store. | Read article.
Mobile App Created to Mimic Uber Application Steals Credentials
A malware program disguised as an Android app was recently found imitating Uber user interface, stealing users’ credentials. The malware periodically displays as an Uber UI on infected users’ devices asking for their Uber ID and password and showing their current location. The malware comes from an app found outside of the Play Store so users only using the Play Store should not be affected. | Read article.
Hundreds of GPS Location Tracking Services Leave User Data Open to Hacker
Multiple vulnerabilities in hundreds of GPS services were found that could enable hackers to expose a host of sensitive data on millions. The vulnerabilities include easy-to-guess passwords, exposed folders, insecure API endpoints, and insecure direct object reference issues. It effects a range of GPS-enabled devices including children trackers, car trackers, and pet trackers. | Read article.
OnePlus Attackers Steal Credit Card Data From 40,000 Customers
The smartphone vendor, OnePlus announced it was the victim of a security breach that exposed credit card information of up to 40,000 customers. A malicious script was operating intermittently on the OnePlus.net site and was able to capture data from end users’ web browsers and send the data back to the attacker. | Read article.
New iPhone Bug Can Crash Your Smartphone with a Single Text
iPhones, Apple computers, and iPads are vulnerable to a newly discovered bug that can crash a device with a “text bomb” containing a link to the bug’s code. The bug then causes the device to crash and restart. | Read article.
SyncDog Latest NewsSyncDog, Inc. Announces Partnership with TeraDact Solutions, Inc. to Improve the Secure.Systems™ Workspace, Helping Prepare for the EU’s New GDPR
SyncDog is partnering with TeraDact Solutions, a Montana-based software company that works to improve security in sensitive document and information management. This added application will help users improve their mobility security management in preparation for the EU’s new General Data Protection Regulation (GDPR) that will strengthen security compliance regarding EU citizens’ data protection. | Read more.
SyncDog Announces Sponsorship at the Health Information and Management Systems Society (HiMSS) Annual Conference and Exhibition on March 5-9
SyncDog is once again sponsoring the HiMSS conference on March 5-9 in Las Vegas. SyncDog will be exhibiting their leading mobile application security product, Secure.Systems™, with live demonstrations from booth #12449. | Read more.
InfoSec Industry Events
February 2: BSides Huntsville: Huntsville, AL: Event Link
February 7: SIRAcon 2018: Seattle, WA: Event Link
February 13: Cyber Security Summit 2018: San Jose, CA: Event Link
February 19: SANS Cloud Security Summit: San Diego, CA: Event Link
February 27: CUISPA 2018: San Antonio, TX: Event Link
Upcoming SyncDog Events
March 5-9: HiMSS Conference: Las Vegas, NV: Booth #12449: Event Link
March 5-6: Microsoft Tech Summit: Washington, D.C. Event Link
March 19-20: Microsoft Tech Summit: San Francisco, CA Event Link
April 16-20: RSA Conference: San Francisco, CA: Booth #4429 Event Link
