TikTok was hit Wednesday with a pair of lawsuits from the US state of Indiana, which accused it of making false claims about the Chinese-owned app’s safety for children.
TikTok Hit by US Lawsuits Over Child Safety, Security Fears
Over 75 Vulnerabilities Patched in Android With December 2022 Security Updates
Google this week announced the December 2022 Android updates with patches for over 75 vulnerabilities, including multiple critical remote code execution (RCE) flaws.
The most severe of the RCE bugs is CVE-2022-20411, an issue in Android’s System component that could be exploited over Bluetooth.
‘Scattered Spider’ Cybercrime Group Targets Mobile Carriers via Telecom, BPO Firms
A threat actor tracked as ‘Scattered Spider’ is targeting telecommunications and business process outsourcing (BPO) companies in an effort to gain access to mobile carrier networks and perform SIM swapping, cybersecurity firm CrowdStrike warns.
Google Migrating Android to Memory-Safe Programming Languages
Google is seeing a significant decrease in memory safety issues in Android due to the progressive migration to memory-safe programming languages, such as Rust.
‘Schoolyard Bully’ Android Trojan Targeted Facebook Credentials of 300,000 Users
Mobile security firm Zimperium is warning of an Android trojan that may have stolen Facebook credentials from a large number of users.
Hack-for-Hire Group Targets Android Users With Malicious VPN Apps
A hack-for-hire group known as Bahamut has been targeting Android users with trojanized versions of legitimate VPN applications, ESET reports.
US Bans Huawei, ZTE Telecoms Gear Over Security Risk
US authorities announced a ban Friday on the import or sale of communications equipment deemed “an unacceptable risk to national security” — including gear from Chinese giants Huawei Technologies and ZTE.
Google Ready to Roll Out Android Privacy Sandbox in Beta
Google this week announced plans to roll out Android Privacy Sandbox in beta starting early next year, delivering a more private advertising experience to mobile users.
Google Pays $70k for Android Lock Screen Bypass
Google recently handed out a $70,000 bug bounty reward for an Android vulnerability leading to lock screen bypass, security researcher David Schutz says.
Google Reveals Spyware Vendor’s Use of Samsung Phone Zero-Day Exploits
Google Project Zero has disclosed the details of three Samsung phone vulnerabilities that have been exploited by a spyware vendor since when they still had a zero-day status.