0x40k<p>Whoa, things are heating up again in the Android world... Watch out for "Crocodilus," a nasty new banking trojan that's currently zeroing in on folks in Spain and Turkey. 🐊 Now, it might sound like your standard-issue malware at first, but this one's got some particularly devious tricks. It's not *just* snagging login details – it's also after the seed phrases for crypto wallets. 🤯</p><p>Here’s the kicker: it disguises itself as Google Chrome and tries to trick you into granting Accessibility Services permissions. If you give it that access, you've basically handed over the keys to your device. Seriously, it can then read everything on your screen, see every tap you make... and you wouldn't even know, because it can black out the screen while it does its dirty work. 🙈 Total stealth mode.</p><p>As someone in penetration testing, I unfortunately run into this kind of threat all too often. Clients sometimes say, "But I have antivirus software!" The hard truth? Against sophisticated attacks like this, basic AV often won't cut it.</p><p>So, the usual advice is more critical than ever: Be super careful about the apps you install and *always* double-check the permissions they ask for! And please, use Multi-Factor Authentication (MFA) wherever you can! 🔐</p><p>I'm curious – what security measures do you have running on your smartphone? Drop your tips below!</p><p><a href="https://infosec.exchange/tags/AndroidSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AndroidSecurity</span></a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/BankingTrojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BankingTrojan</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
bolha.us is one of the many independent Mastodon servers you can use to participate in the fediverse.
We're a Brazilian IT Community. We love IT/DevOps/Cloud, but we also love to talk about life, the universe, and more. | Nós somos uma comunidade de TI Brasileira, gostamos de Dev/DevOps/Cloud e mais!
Administered by:
Server stats:
248active users
bolha.us: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#androidsecurity
0 posts · 0 participants · 0 posts today
ITSEC News<p>New AI-Powered Scam Detection Features to Help Protect You on Android - Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Niet... <a href="http://security.googleblog.com/2025/03/new-ai-powered-scam-detection-features.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2025/0</span><span class="invisible">3/new-ai-powered-scam-detection-features.html</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a> <a href="https://schleuss.online/tags/pixel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pixel</span></a></p>
ITSEC News<p>New AI-Powered Scam Detection Features to Help Protect You on Android - Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Niet... <a href="http://security.googleblog.com/2025/03/new-ai-powered-scam-detection-features.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2025/0</span><span class="invisible">3/new-ai-powered-scam-detection-features.html</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a> <a href="https://schleuss.online/tags/pixel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pixel</span></a></p>
0x40k<p>Hey Android folks, listen up! 👀 Google just dropped a crucial security update that you seriously need to check out. It might just be relevant to your phone. Word on the street is, two of the patched vulnerabilities are already being exploited in the wild. Crazy, right? 😬</p><p>This reminds me of those chats I have with clients: "So, Android's secure, yeah?" Well... Privilege Escalation basically means an attacker can snag more permissions on your device. In short: hackers can potentially grab your data! 😱</p><p>They've squashed a whopping 44 vulnerabilities in this March update. CVE-2024-43093 & CVE-2024-50302 are seriously critical. Apparently, CVE-2024-50302 was even leveraged by Cellebrite to get into an activist's phone. Wild stuff! 😳</p><p>Go ahead and check your Android version and smash that update button ASAP (look for 2025-03-01 or 2025-03-05)! Also, be extra careful with apps from sources you don't know. Regular security checks are a must, even on your smartphone.</p><p>Have you already installed the update? Any thoughts or experiences with Android security? 🤔</p><p><a href="https://infosec.exchange/tags/AndroidSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AndroidSecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentest</span></a></p>
Six Grandfathers Mountain<p><span class="h-card" translate="no"><a href="https://partyon.xyz/@nullagent" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nullagent</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.sdf.org/@jack" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jack</span></a></span> <br>RE<br>Privacy alert for <a href="https://mastodon.social/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://mastodon.social/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a> </p><p>Maybe this setting is NOT what you are talking about, but... sounds similar</p><p>There is a settings to have "take and use images on the screen"</p><p>Samsung Tablet <a href="https://mastodon.social/tags/OneUI6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OneUI6</span></a> <a href="https://mastodon.social/tags/android14" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android14</span></a></p><p>see the 3 images</p>
ITSEC News<p>How we kept the Google Play & Android app ecosystems safe in 2024 - Posted by Bethel Otuteye and Khawaja Shams (Android Security and Privacy Team), an... <a href="http://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2025/0</span><span class="invisible">1/how-we-kept-google-play-android-app-ecosystem-safe-2024.html</span></a> <a href="https://schleuss.online/tags/googleplayprotect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>googleplayprotect</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/googleplay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>googleplay</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a></p>
MasterTrend Info<p> - Mejores Apps de Seguridad: 11 Que Debes Tener en Android<br> - <a href="https://mastodon.social/tags/SeguridadDigital" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SeguridadDigital</span></a> <a href="https://mastodon.social/tags/AppsEsenciales" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppsEsenciales</span></a> <a href="https://mastodon.social/tags/ProtegeTuM%C3%B3vil" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ProtegeTuMóvil</span></a> - <a href="https://mastodon.social/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> - <a href="https://mastodon.social/tags/Androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Androidsecurity</span></a> <a href="https://mastodon.social/tags/EvergreenContent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EvergreenContent</span></a> <a href="https://mastodon.social/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <br> - 🔒 ¡Descubre las 11 mejores apps de seguridad que necesitas en tu Android! Desde Grannus, ideal para mujeres y niños, hasta Life360, para mantener a tu familia segura. También encontrarás herramientas como Google Find My Device y bSafe para emergencias. 🌍...<br><a href="https://mastertrend.info/mejores-apps-de-seguridad/?fsp_sid=2422" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastertrend.info/mejores-apps-</span><span class="invisible">de-seguridad/?fsp_sid=2422</span></a></p>
Cryptomator<p>Cryptomator for Android is now on Accrescent! 🔐📱</p><p>We're expanding our distribution with Accrescent 🌙, a privacy-focused app store with strong security features:</p><p>✔ No user accounts needed<br>✔ Signed repository metadata<br>✔ App signing key pinning</p><p>Get Cryptomator now via Accrescent, Google Play, F-Droid & APK Store!</p><p>➡️ More info: <a href="https://cryptomator.org/blog/2025/01/24/cryptomator-accrescent/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cryptomator.org/blog/2025/01/2</span><span class="invisible">4/cryptomator-accrescent/</span></a></p><p><a href="https://mastodon.online/tags/Cryptomator" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cryptomator</span></a> <a href="https://mastodon.online/tags/PrivacyFirst" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PrivacyFirst</span></a> <a href="https://mastodon.online/tags/AndroidSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AndroidSecurity</span></a> <a href="https://mastodon.online/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mastodon.online/tags/Accrescent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Accrescent</span></a> <a href="https://mastodon.online/tags/Encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Encryption</span></a></p>
ITSEC News<p>Android enhances theft protection with Identity Check and expanded features - Posted by Jianing Sandra Guo, Product Manager, Android, Nataliya Stanetsky, Staff ... <a href="http://security.googleblog.com/2025/01/android-theft-protection-identity-check-expanded-features.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2025/0</span><span class="invisible">1/android-theft-protection-identity-check-expanded-features.html</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a></p>
ITSEC News<p>Safer with Google: New intelligent, real-time protections on Android to keep you safe - Posted by Lyubov Farafonova, Product Manager and Steve Kafka, Group Product Manage... <a href="http://security.googleblog.com/2024/11/new-real-time-protections-on-Android.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2024/1</span><span class="invisible">1/new-real-time-protections-on-Android.html</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a> <a href="https://schleuss.online/tags/pixel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pixel</span></a></p>
ITSEC News<p>5 new protections on Google Messages to help keep you safe - Posted by Jan Jedrzejowicz, Director of Product, Android and Business Communications; Alb... <a href="http://security.googleblog.com/2024/10/5-new-protections-on-google-messages.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2024/1</span><span class="invisible">0/5-new-protections-on-google-messages.html</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a></p>
ITSEC News<p>Bringing new theft protection features to Android users around the world - Posted by Jianing Sandra Guo, Product Manager and Nataliya Stanetsky, Staff Progra... <a href="http://security.googleblog.com/2024/10/android-theft-protection.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">security.googleblog.com/2024/1</span><span class="invisible">0/android-theft-protection.html</span></a> <a href="https://schleuss.online/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> <a href="https://schleuss.online/tags/android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>android</span></a></p>
Vinoth (Mobile security)<p>This is my <a href="https://infosec.exchange/tags/indroduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>indroduction</span></a> post. I hope I am doing this right.</p><p>I am Vinoth, from San Diego. I lead the silicon security architecture and silicon security operations teams at <a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Google</span></a>. Before this, I worked on mobile silicon security at <a href="https://infosec.exchange/tags/Qualcomm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Qualcomm</span></a>. I will mostly talk about <a href="https://infosec.exchange/tags/mobilesecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mobilesecurity</span></a>, <a href="https://infosec.exchange/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>androidsecurity</span></a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a>. </p><p>Much of my work is about improving the security of <a href="https://infosec.exchange/tags/Pixel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pixel</span></a> and other <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a> devices. My expertise is at the intersection of hardware security architecture, software security architecture and silicon security operations (secure key provisioning, code signing, device attestation etc.). I have ~20 years of experience making mistakes at this particular intersection that make me feel eminently qualified to talk about how to not make them. </p><p>I love explaining the intricacies of silicon development to software engineers and vice versa. So if you want to understand the hardware underpinnings of Trusted compute, confidential compute or whatever, I'm your guy.</p><p>I sometimes hold unpopular opinions, and I welcome healthy discussions about them. For example, (a) open sourcing RTL will not improve hardware security to the same extent open source software improved software security (b) there are situations where compliance actively harms security.</p><p>Also a medidator, volunteer at <a href="https://infosec.exchange/tags/ishafoundation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ishafoundation</span></a>, father of 2 kids, husband of 1 wife, angel investor and a very curious human being.</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload