mobile devices

MH-17 Disinformation Tweets

Episode 155: Disinformation is a Cyber Weapon and APTs warm to Mobile Malware

In this week’s episode of the Podcast (#155): Jerome Segura of Malwarebytes joins us to talk about how disinformation campaigns and cyber crime are part of the same toxic cocktail in the world’s trouble spots, like Ukraine. Also: Adam Meyers of CrowdStrike joins us to talk about that company’s first ever report on mobile malware, which is gaining currency with advanced persistent threat (APT) groups.

Israeli Group Exploited WhatsApp to Spy on Users

An Israeli firm has exploited a flaw in the popular messaging mobile app WhatsApp to plant spyware on iPhones and Android. One phone call is all it takes for software developed by the Israeli firm NSO Group to install itself on a vulnerable iPhone or Android device, according to a published report in the FT Times. The publication broke the news, saying it potentially affects 1.5 billion users of the Facebook-owned WhatsApp messaging application, on Monday. WhatsApp quickly issued a fix for the exploit, described in an alert on the Facebook website as “a buffer overflow vulnerability in WhatsApp VOIP stack” that allows for “remote code execution via specially crafted series of SRTCP packets sent to a target phone number.” “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed […]

Report: China Eyes IoT as Next Front of Cyber War on U.S.

China is eyeing dominance of the Internet of Things (IoT) market and may use vulnerabilities in these technologies as the next front on its ongoing cyberwar with the United States, according to a new report.

BLU smart phone

BLU settles with FTC over unauthorized transmission of personal customer data to China

Florida-based mobile device maker BLU has settled with the Federal Trade Commission (FTC) over charges it allowed a Chinese partner to collect detailed personal customer information from some of its devices without authorization or consent.