• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Search results for: mobile remote code execution

Patched GIF Processing Vulnerability CVE-2019-11932 Still Afflicts Multiple Mobile Apps

  • Posted on:November 25, 2019 at 5:00 am
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Trend Micro
0

CVE-2019-11932, which is a vulnerability in WhatsApp for Android, was first disclosed to the public on October 2, 2019 after a researcher named Awakened discovered that attackers could use maliciously crafted GIF files to allow remote code execution. The vulnerability was patched with version 2.19.244 of WhatsApp, but the underlying problem lies in the library called libpl_droidsonroids_gif.so, which is part of the android-gif-drawable package. While this flaw has also been patched, many applications still use the older version and remain at risk.

Read More
Tags: vulnerabilitywhatsapp

LeakerLocker Mobile Ransomware Threatens to Expose User Information

  • Posted on:July 31, 2017 at 5:00 am
  • Posted in:Mobile, Ransomware
  • Author:
    Ford Qin (Mobile Threats Analyst)
0

While mobile ransomware such as the recent SLocker focuses on encrypting files on the victim’s devices, a new mobile ransomware named LeakerLocker taps into its victims’ worst fears by allegedly threatening to send personal data on a remote server and expose its contents to everyone on their contact lists.

Read More

April Android Security Bulletin Addresses Critical H.264 and H.265 Decoder Vulnerabilities

  • Posted on:April 21, 2017 at 7:32 am
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Mobile Threat Response Team
0

In April’s Android Security Bulletin, we discovered and privately disclosed seven vulnerabilities—three of which were rated as Critical, one as High, and another three as Moderate.

Read More

In Review: 2016’s Mobile Threat Landscape Brings Diversity, Scale, and Scope

  • Posted on:January 18, 2017 at 12:07 am
  • Posted in:Malware, Mobile
  • Author:
    Mobile Threat Response Team
0

65 million: the number of times we’ve blocked mobile threats in 2016. By December 2016, the total number of unique samples of malicious Android apps we’ve collected and analyzed hit the 19.2 million mark—a huge leap from the 10.7 million samples collected in 2015.

Indeed, the ubiquity of mobile devices among individual users and organizations, along with advances in technologies that power them, reflect the exponential proliferation, increasing complexity and expanding capabilities of mobile threats.

While the routines and infection chain of mobile threats are familiar territory, 2016 brought threats with increased diversity, scale, and scope to the mobile landscape. More enterprises felt the brunt of mobile malware as BYOD and company-owned devices become more commonplace, while ransomware became rampant as the mobile user base continued to become a viable target for cybercriminals. More vulnerabilities were also discovered and disclosed, enabling bad guys to broaden their attack vectors, fine-tune their malware, increase their distribution methods, and in particular, invade iOS’s walled garden.

Read More
Tags: androidbanking TrojaniOSMobilemobile ransomware

High-Profile Mobile Apps At Risk Due to Three-Year-Old Vulnerability

  • Posted on:December 3, 2015 at 8:59 am
  • Posted in:Mobile, Vulnerabilities
  • Author:
    Veo Zhang (Mobile Threats Analyst)
3

A total of 6.1 million devices – smart phones, routers, smart TVs – are currently at risk to remote code execution attacks due to vulnerabilities that have been fixed since 2012.

The vulnerability exists in the Portable SDK for UPnPā„¢ Devices, also called libupnp. This particular library is used to implement media playback (DLNA) or NAT traversal (UPnP IGD). Apps on a smartphone can use these features to play media files or connect to other devices within a user’s home network.

Read More
Tags: androidgoogle playlibupnpNetflixTencent QQMusicvulnerability
Page 1 of 1112 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, ę—„ęœ¬, ėŒ€ķ•œėÆ¼źµ­, å°ē£
  • Latin America Region (LAR): Brasil, MĆ©xico
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Ɩsterreich / Schweiz, Italia, Š Š¾ŃŃŠøŃ, EspaƱa, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.