Security news aggregator

Latest coverage for Mobile

Mobile security covers threats to smartphones and tablets, including malicious apps, data theft, account compromise, and insecure wireless connections.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Mobile security covers the protection of smartphones, tablets, and closely related handheld devices, including their operating systems, applications, wireless connections, and stored data. These devices combine personal and business information with cellular, Wi‑Fi, Bluetooth, and location services, and often provide access to cloud and corporate systems.

Material risks include malicious or over-privileged applications, phishing and fraudulent authentication prompts, unpatched operating-system or baseband vulnerabilities, and exposure after a device is lost or stolen. Security teams typically reduce these risks through timely updates, approved application sources, encryption, strong screen locks and phishing-resistant authentication where supported, and mobile-device management that enforces policy and can remove access or wipe business data. Application permissions and device telemetry also require privacy controls, particularly when personal and corporate data share the same device. Mobile vulnerability disclosures and incidents may require checking device models, operating-system versions, applications, and management coverage rather than treating all mobile devices as equivalent.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view
Trend Micro Research, News and Perspectives 1 year, 10 months ago

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.

Trend Micro Research, News and Perspectives 2 years, 9 months ago

Attacks on 5G Infrastructure From Users’ Devices

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency, and productivity brought by 5G. This entry describes CVE-2021-45462 as a potential use case to deploy a denial-of-service (DoS) attack to private 5G networks.

Trend Micro Research, News and Perspectives 2 years, 10 months ago

Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores

The Trend Micro Mobile Application Reputation Service (MARS) team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023.

Trend Micro Research, News and Perspectives 3 years, 2 months ago

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.

Trend Micro Research, News and Perspectives 3 years, 5 months ago

TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users

We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and Indonesia since July 2022. The malware steals users’ credentials and assets such as cryptocurrency from digital wallets, as well as money from bank and finance apps. Analyzing the automated features of the malware, we found that the threat actor abused legitimate test framework Easyclick to write a Javascript-based automation script for functions such as clicks and gestures.