TechNadu1d ago

Hundreds of free VPN apps on Android & iOS found exposing data:

- Outdated encryption (Heartbleed CVE-2014-0160)
- TLS bypass → MitM attacks
- GPS tracking & keylogging
- iOS apps missing privacy manifests

Full report: https://www.technadu.com/hundreds-of-free-vpn-apps-expose-user-data-on-android-and-ios/610816/

#CyberSecurity #VPN #MobileSecurity

TechNadu1d ago

🚨 Android Spyware Alert: ProSpy & ToSpy
ESET has discovered Android spyware campaigns targeting Signal and ToTok users.

These malicious apps, distributed via fake websites, exfiltrate contacts, SMS, media, and device data.

⚠️ Do NOT install apps from unofficial sources! Stay vigilant.
💬 How can mobile users and organizations improve defenses against spyware? Discuss & follow @technadu for cybersecurity alerts.

#ProSpy #ToSpy #AndroidMalware #CyberSecurity #MobileSecurity #SpywareAlert #Privacy #Infosec #ThreatIntel

bsidesnova3d ago

Become a digital archaeologist! ⛏️ Learn Android static analysis to crack open APKs and expose hidden vulnerabilities, from hardcoded secrets to lazy permissions, before hackers do. #MobileSecurity #ReverseEngineering #BSidesNoVA

Workshop https://bsidesnova-2025.sessionize.com/session/999403
Ticket https://tinyurl.com/bsidesnova2025tix

LukaSep 25
Προσφέρει μέγιστη ασφάλεια για το κινητό η eSIM; Ακόμα και αν χαθεί ή κλαπεί η συσκευή, μπορεί να στείλει την τοποθεσία της και να προστατεύσει τα προσωπικά σου δεδομένα; Μάθε στο παρακάτω άρθρο!
https://greek-nea.com/giati-to-esim-einai-pio-asfales-apo-tin-klasiki-sim
#eSIM #ΑσφάλειαΚινητού #FindMyiPhone #ΨηφιακήSIM #ΠροστασίαΔεδομένων #MobileSecurity #ActivationLock #SIMvsESIM #Κινητό #Τεχνολογία
Γιατί η eSIM είναι πιο ασφαλές από την κλασική SIM

Γιατί το eSIM είναι πιο ασφαλές από την κλασική SIM; Στον σύγχρονο ψηφιακό κόσμο, η ασφάλεια των κινητών τηλεφώνων και των προσωπικών

Τεχνολογικά Νέα
EndoacusticaSep 25

🚀 Introducing the Future of Mobile Security: MDP-X by Endoacustica 🛡️

🔹 Stops zero-click attacks before they strike
🔹 Detects malware, phishing, and spyware in real time
🔹 Blocks risky Wi-Fi, DNS hijacking & MITM attacks
🔹 Runs 100% offline with our patented z9™ AI engine

📲 Secure your devices. Safeguard your data. Stay one step ahead.

👉 Request a demo now: https://forpressrelease.com/forpressrelease/659474/21/endoacustica-launches-ai-powered-mobile-device-protection-app-for-android-and-iphone

#mobilesecurity #cybersecurity #AIprotection #enterprisesecurity #endoacustica #malwareprotection

Endoacustica Launches AI-Powered Mobile Device Protection App for Android and iPhone

Endoacustica has launched the MDP-X Mobile Device Protection (MDP) app, a next-generation cybersecurity solution powered by artificial intelligence and behavioral analysis. Designed for both corporate and personal use, the application delivers real-time defense against malware, phishing, zero-click exploits, and network-based intrusions, without relying on cloud connectivity. At the core of MDP-X is the patented z9 engine, an AI-driven system that performs continuous on-device monitoring of operating system behavior, app activity, and network traffic. By analyzing patterns locally, the app detects anomalies associated with rooting attempts, jailbreaking, DNS hijacking, man-in-the-middle (MITM) attacks, and malicious payloads delivered via messaging or Wi-Fi. This offline-first approach ensures immediate threat identification even in disconnected or high-risk environments. The app runs autonomously once installed, automatically scanning for vulnerabilities and issuing instant aler

jpmellojrSep 24
Secret Service dismantles massive SIM farm. Mobile domain becoming security battleground.
https://jpmellojr.blogspot.com/2025/09/secret-service-telecom-takedown-sparks.html
#MobileSecurity #SIMFarm #NationalSecurity #SecretService
HackerNews VN botSep 22

🔒 Khám phá Hardened Malloc - trình cấp phát bộ nhớ an toàn của GrapheneOS! Bài viết phân tích cách công cụ này tăng cường bảo mật hệ thống thông qua cơ chế phân bổ bộ nhớ cứng, chống lại các lỗ hổng phổ biến. Một bước tiến quan trọng trong bảo mật di động! 📱🛡️

#BảoMật #GrapheneOS #HardenedMalloc #AnToànThôngTin #CyberSecurity #MobileSecurity #BộNhớ #PhátTriểnỨngDụng

https://www.synacktiv.com/en/publications/exploring-grapheneos-secure-allocator-hardened-malloc

Exploring GrapheneOS secure allocator: Hardened Malloc

Exploring GrapheneOS secure allocator: Hardened Malloc

Synacktiv
Just a trash panda 🦝Sep 22

An Israeli frim is found spying on 2 billion West Asians and North Africans using an app automatically pushed to their Samsung branded phones. The data is supposedly used for App Recommendations and Targeted Advertising.

The app has not been found present on American or European phones.

Link: https://www.sunnafiles.com/israeli-appcloud-samsung-aura-privacy/

H/T: @DarkWebInformer https://infosec.exchange/@DarkWebInformer/115233138814464493

#israel #privacy #samsung #mobilesecurity

TechNaduSep 20

APIs are now the #1 attack surface for mobile apps.
📊 50% of apps expose hardcoded secrets
📊 1 in 3 Android + 1 in 2 iOS apps leak sensitive data
📊 Traditional API gateways don’t stop in-app tampering
The defense? API hardening + attestation inside the app.

💬 Do you see enterprises adopting this shift, or are most still stuck at the perimeter?

Follow @technadu for daily #InfoSec breakdowns.

#CyberSecurity #MobileSecurity #AppSec #APIsecurity #ZeroTrust #ThreatIntel

lurielSep 19

Hey folks,

I just published a new vulnerability research write-up: **Who Scans the Scanner? Exploiting Trend Micro Mobile Security**.

🔎 Quick summary:

- Info disclosure via device reports page (unauthenticated)

- Stored XSS in the web console = session hijack via enroll key

- Android agent routine manipulation (lab-only) = potential code execution vector

✅ Vendor was contacted, patch released, researcher credited in the Hall of Fame.

📄 Full writeup + PoC demo: https://hakaisecurity.io/who-scans-the-scanner-exploiting-trend-micro-mobile-security/research-blog/

#InfoSec #AppSec #MobileSecurity #RedTeam