Chris Soghoian on Wireless Carriers and Android Security

Privacy and security activist Chris Soghoian criticized mobile carriers for their failure to provide regular software updates to Android handsets, leaving users vulnerable for months at a time...

Memory corruption

The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device...

Intercepter-Ng - Pocket Sniffer For Android

Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of several famous separate tools and more over offers a good and unique alternative of Wireshark for android. The main features are: network discovery with OS detection network traffic...

Code injection

The Breezy application for Android does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

Android 4.2 Jelly Bean Security Improvements overview

Google is bringing a host of new features to its Android 4.2 Jelly Bean operating system designed to increase productivity, creativity and peace of mind and some very promising security improvements including: client side malware protection, Security Enhanced Linux, and always-on VPN. Most...

CVE-2011-3918

The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service reboot loop via a crafted application...

EUVD-2011-3872

The Zygote process in Android 4.0.3 and earlier accepts fork requests from processes with arbitrary UIDs, which allows remote attackers to cause a denial of service reboot loop via a crafted application...

Research Shows Half of All Androids Contain Known Vulnerabilities

About half of all Android phones contain at least one vulnerability that could be used to take control of the device, according to new research. Duo Security, which launched a free vulnerability scanning app for Android this summer, said their preliminary data from users shows a huge number of th...

Android Security Evaluation Framework: ASEF

Have you ever looked at your Android applications and wondered if they are watching you as well? Whether it’s a bandwidth-hogging app, aggressive adware or even malware, it would be interesting to know if they are doing more than what they are supposed to and if your personal information is...

ASEF Android Tool Analyzes App Security and Behavior

A researcher at Qualys has released a new tool designed to allow users–even non-technical ones–to evaluate the security and behaviors of the apps installed on their Android devices. Known as the Android Security Evaluation Framework, the tool not only looks at the general security of an app, but...

More Malware Using a Remote Payload Discovered on Google Play

Symantec is warning of new malware masquerading as two apps on Google Play that claimed up to 100,000 victims before the Trojan was removed. Both “Super Mario Bros.” and “GTA 3 Moscow City” racked up 50,000 to 100,000 downloads after being posted June 24 on Google Play. “What is most interesting...

Android Clickjacking Rootkit Demonstrated

Android Clickjacking Rootkit Demonstrated Mobile security researchers have identified an aspect of Android 4.0.4 Ice Cream Sandwich and earlier models that clickjacking rootkits could exploit. Researchers at NC State in the US have developed a proof-of-concept prototype rootkit that attacks the...

CVE-2012-1386

Unspecified vulnerability in the YouMail Visual Voicemail Plus com.youmail.android.vvm application 2.0.45 and 2.1.43 for Android has unknown impact and attack vectors...

Android Security - Boot Camp Workshop & Presentation #2

Document Title: =============== Android Security - Boot Camp Workshop & Presentation 2 References: =========== Mirror: https://www.vulnerability-lab.com/resources/documents/471.rar Release Date: ============= 2012-03-07 Vulnerability Laboratory ID VL-ID: ==================================== 471...

Security Enhanced (SE) Android Released by National Security Agency (NSA)

Security Enhanced SE Android Released by National Security Agency NSA The National Security Agency NSA releases the first version of Android Security Enhanced . The system is designed to minimize the impact of security holes on Android . SE Android project is enabling the use of SELinux in Androi...

Your Android really needs Antivirus Security ?

Why shouldn't you protect your Android phone? Why to use an Antivirus for your Android? So that users can protect their devices from trojans, viruses, spyware, and other types of malware. Most people carry a lot of sensitive data on their phones. Recently an SMS Trojan horse posing as a media...

The Appropriately Hyped Stories of 2011

It’s that most un-wonderful time of the year: the time when everyone writes fluffy articles full of lists, retrospectives and look-aheads. Even we did it. Many of these lists involve some variation on the theme of most overhyped or least organic or or most awesomest or lowest fat content. This...

Fake Antivirus Scams Targeting Android Users

Fake antivirus software, or “scareware” scams have been one of the tried and true methods that crooks have used to make illegal profits online in recent years. The scams often offer convincing replicas of legitimate anti malware software to trick users into installing malicious programs that can...

Best Free Android Security Software Avast Antivirus

Best Free Android Security Software Avast Antivirus For you who longing for free Android antivirus, this is an exciting THN news for you. Avast, one of the famous antivirus vendors, now has launched Android Antivirus you can use for free! This Antivirus mobile is named Avast Mobile Security. Avas...

Backdoor in Android for No-Permissions Reverse Shell

Backdoor in Android for No-Permissions Reverse Shell Security expert Thomas Cannon working at viaForensics as the Director of R&D has demonstrated a custom-developed app that installs a backdoor in Android smartphones – without requiring any permissions or exploiting any security holes. Thomas...