Collaborate Disseminate
About a week after the ruling against Apple, the European Commission ruled Meta’s ‘pay or consent’ model of offering subscriptions as an alternative to ads on Instagram or Facebook is against the terms of the DMA. Continue reading Meta and Apple Violated the Digital Marketing Act, EU Charges
BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries. BLint featu… Continue reading BLint: Open-source tool to check the security properties of your executables
Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. “We increased reward amounts by up to 10x in some categories (for example Remote Arbitrary Code Execution in… Continue reading Bug hunters can get up to $450,000 for an RCE in Google’s Android apps
Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and didn’t mention it. If that doesn’t sound so bad, you should know… Continue reading Apps secretly turning devices into proxy network nodes removed from Google Play
The Mobile Security Framework (MobSF) is an open-source research platform for mobile application security, encompassing Android, iOS, and Windows Mobile. MobSF can be used for mobile app security assessment, penetration testing, malware analysis, and p… Continue reading MobSF: Open-source security research platform for mobile apps
A fraudulent app named “LassPass Password Manager” that mimics the legitimate LastPass mobile app can currently be found on Apple’s App Store, the password manager maker is warning. The fraudulent app on Apple’s App Store “The app in … Continue reading LassPass is not LastPass: Fraudulent app on Apple App Store
Computer science researchers have developed a new way to identify security weaknesses that leave people vulnerable to account takeover attacks, where an attacker gains unauthorized access to online accounts. Most mobiles are now home to a complex ecosy… Continue reading New method to safeguard against mobile account takeovers
Type @rating to add a smart chip in Google Sheets on the web for a viewer-friendly way to display zero-to-five star scores. Continue reading How to Use Stars in Google Sheets to Streamline Scoring
Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data Safety section. “We’ve launched this banner beginning with VPN apps due to t… Continue reading Google Play will mark independently validated VPN apps
A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human Security has announced. The company’s Satori Threat Intelligence and Resear… Continue reading Backdoored Android phones, TVs used for ad fraud – and worse!