🔁 Simple security habit: reboot your phone regularly.

Much of today's mobile malware — including advanced spyware — lives only in memory and doesn't survive a restart. A weekly reboot won't stop everything, but it disrupts attacks at zero cost.

Small habit, real benefit.

#CyberSecurity #MobileSecurity #InfoSec #Privacy

Lookout’s latest report highlights growing mobile AI governance risks - shadow AI, unmanaged apps, and sensitive data exposure are turning smartphones into a new governance blind spot. 📱🤖 #MobileSecurity #AIGovernance

https://www.helpnetsecurity.com/2026/06/11/lookout-mobile-ai-governance-risks-report/

I was tired of digging through endless random cybersecurity lists, so naturally I built another random cybersecurity list - just cleaner, prettier and actually organized.

Hack Hub is a curated directory of useful security resources.

https://hackhub.fyi

#CyberSecurity #InfoSec #Hacking #EthicalHacking #Pentesting #RedTeam #BlueTeam #DFIR #OSINT #ThreatIntel #MalwareAnalysis #BugBounty #CloudSecurity #MobileSecurity #OpenSource #SecurityTools #SecurityResearch #Linux #Hackers #Tech

Mobile apps are not “just apps” anymore!

They’re connected platforms handling identities, payments, sessions, APIs, and critical business workflows.

In this special episode of @sharedsecurity I talked with Joel DeStefano, Senior Product Manager at Guardsquare, about the modern mobile application threat landscape and why organizations need to rethink mobile app security.

We covered runtime manipulation, API abuse, account takeover, fake apps, overlays, reverse engineering, iOS vs Android risk, AI-assisted attacks, and why backend-only security is not enough.

Learn more about Guardsquare:https://guardsquare.com

Watch on YouTube:
https://youtu.be/C5eWp9IB30U

Listen wherever you like to get your podcasts:
https://sharedsecurity.net/2026/06/10/mobile-application-security-what-every-organization-needs-to-know/

#podcast #cybersecurity #mobilesecurity

📰 Mobile Banking Malware Surges 360% as Sophisticated Trojans Target 1,243 Financial Brands

📱 Mobile banking is under siege! Attacks are up 3.6x, with new trojans like Sturnus using 'blackout' modes to steal money while your screen is off. 1,243 financial brands are being targeted globally. 💸 #MobileSecurity #Malware #Banking

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/mobile-banking-malware-surges-3-6-fold-as-trojans-target-financial-apps-world…

Reverse engineered the Mintegral MBridge SDK (common in gaming APKs with aggressive adv).
The SDK assembles exfiltration endpoints at runtime via AES/XOR decryption + Android IPC Intents. No hardcoded domain in the binary. MobSF classifies the package as Advertisement and stops there. Knox and Play Protect see legitimate inter-process communication between signed components — nothing to flag.
Extracted 6 C2/collection domains. Loaded them into AegisDNS as a SIGINT feed.
Both Knox and Play Protect: no block, no alert.
AegisDNS: all 6 blocked at resolution.
The IPC obfuscation chain is effective against every on-device analysis layer. It stops at port 53 — the one operation the OS cannot perform inside the obfuscation boundary.
Full write-up with architecture, the structural argument for perimeter DNS vs MTD, and operational trade-offs (block rate, DoH bypass mitigation via iptables, PCRE2/FFI trade-off):

https://cariagiovannib.wordpress.com/2026/06/06/crowdstrike-didnt-block-it-knox-didnt-block-it-a-dns-query-did/

#dns #android #reverseengineering #infosec #mobilesecurity

Prywatność i cyberbezpieczeństwo to nie są hobbystyczne fanaberie dla ludzi w foliowych czapeczkach. Skompromitowane urządzenie mobilne to bezpośrednie zagrożenie dla Twojego życia osobistego, finansów i spokoju psychicznego.

Właśnie ruszyłem ze swoim blogiem, a to mój pierwszy wpis:
🔗 https://meridian.bearblog.dev/droga_do_grapheneos/

Opisuję w nim historię z ukrytym korporacyjnym MDM na moim telefonie i to, jak techniki Incident Response oraz przejście na GrapheneOS pozwoliły mi odzyskać kontrolę.

To mój debiut, dlatego bardzo zależy mi na Waszym feedbacku. Co myślicie o tym tekście? Dajcie znać w komentarzach, czy taka tematyka Was interesuje i czy chcecie kolejne wpisy o konfiguracji i hardeningu GrapheneOS! 🛡️📱

#GrapheneOS #Cybersecurity #Privacy #Prywatnosc #Bezpieczenstwo #FOSS #MobileSecurity #PlFediverse #Blog

Google Gemini on Android Exposed to Notification-Based Hijacking

Researchers have uncovered a vulnerability in Google Gemini on Android that allows hackers to hijack the assistant using a single hostile notification, no malicious app required. This shocking exploit lets anyone able to push a notification to a device deliver a payload and take control.

https://osintsights.com/google-gemini-on-android-exposed-to-notification-based-hijacking?utm_source=mastodon&utm_medium=social

#AndroidSecurity #GoogleGemini #NotificationbasedHijacking #EmergingThreats #MobileSecurity

Mobile malware is becoming a billing engine.
Kern Smith of Zimperium explains how Android fraud campaigns silently subscribe victims to premium SMS services, intercept OTPs, and monetize users through carrier billing systems.
🔶 Carrier-specific targeting
🔶 OTP interception
🔶 Silent subscriptions
🔶 Automated monetization

Read the full discussion:
https://www.technadu.com/when-your-phone-is-subscribed-without-consent-the-attack-has-already-worked/628818/

#MobileSecurity #Android #SMSFraud #CyberSecurity #ThreatResearch #Malware