Phishing attacks remain the bane of information security specialists and missions across government, and as they advance in sophistication, the Homeland Security Department is attempting to better protect against them.
CS Digest Section: Mobile Security
A Volt Out of the Blue: Phone Batteries Reveal What You Typed and Read
A group of researchers has demonstrated that smartphone batteries can offer a side-channel attack vector by revealing what users do with their devices through analysis of power consumption.
https://www.theregister.co.uk/2018/06/25/the_battery_is_the_smartphones_ibesti_snitch_boffins/
Thousands of Mobile Apps Leak Data from Firebase Databases
Thousands of mobile applications running on iOS and Android have exposed over 113 gigabytes of data from 2,300 unsecured Firebase databases, enterprise mobile security firm Appthority says in a new report.
https://www.securityweek.com/thousands-mobile-apps-leak-data-firebase-databases
U.S. Reaches Deal to Keep China’s ZTE in Business: Congressional Aide
The Trump administration told lawmakers the U.S. government has reached a deal to put Chinese telecommunications company ZTE Corp back in business after it pays a significant fine and makes management changes, a senior congressional aide said on Friday.
In Android P, Google is Fixing Flaw That Let Apps Secretly Track Users for Years
A flaw that allowed apps to monitor user network activity will be fixed, but not for all apps.
Apple Is Struggling To Stop A ‘Skeleton Key’ Hack On Home Wi-Fi
Even with all Apple's expertise and investment in cybersecurity, there are some security problems that are so intractable the tech titan will require a whole lot more time and money to come up with a fix. Such an issue has been uncovered by Don A. Bailey, founder of Lab Mouse Security, who described to Forbes a hack that, whilst not catastrophic, exploits
Sophisticated APT Surveillance Malware Comes to Google Play
Hackers pushing nation-state-style surveillance malware recently scored a major coup by getting three advanced malicious applications hosted in Google's official Play marketplace, researchers said. Google removed the apps after receiving notification of their presence.
U.S. Bans American Companies From Selling to Chinese Phone Maker ZTE
The U.S. Department of Commerce has banned American companies from selling components to leading Chinese telecom equipment maker ZTE Corp for seven years for violating the terms of a sanctions violation case, U.S. officials said on Monday.
Monero-Mining HiddenMiner Android Malware Can Potentially Cause Device Failure
New Android malware that can surreptitiously use the infected device's computing power to mine Monero. Trend Micro detects this as ANDROIDOS_HIDDENMINER. This Monero-mining Android app's self-protection and persistence mechanisms include hiding itself from the unwitting user and abusing the Device Administrator feature (a technique typically seen in SLocker
Calendar 2 Made $2K in 3 Days Mining Cryptocurrency, but Apple Says it Violated Mac App Store Guidelines
"Yesterday, we reported on a macOS app called Calendar 2 that seemingly added cryptocurrency mining as an alternative to paying for premium features. At the time, the app's developers, Qbix, had made the decision to remove the feature from the app. The company now tells us, however, that Apple ended up pulling the app from the Mac App Store for violating its
https://9to5mac.com/2018/03/13/crypto-mining-calendar-app-ios/
