The number of WhatsApp phishing URLs has skyrocketed in Q4 2019 after a 13,467.6% huge QoQ surge in the number of unique phishing URLs targeting its users being discovered by email security company Vade Secure since Q3 2019. Vade Secure's Phishers' Favorites report for Q4 2019 highlights the 25 most impersonated brands in phishing attacks with the list being compiled after examining phishing URLs detected by Vade Secure's technology.  "Leveraging data from more than 600 million protected mailboxes worldwide, Vade's machine learning algorithms identify the brands being impersonated as part of i ..read more

WhatsApp’s growth can be credited for the easy-to-use interface, a host of features for individual and group users, and no advertisements (for now). Your private conversations stay between you,” said the company earlier this week.For WhatsApp’s 2 billion users, it’s pertinent to know the security features that the instant messaging application offers. You can also do the same for your WhatsApp account. You can enable the feature by going to Settings > Account > two-step verification.Secure your profileWhatsApp also gives you the flexibility to control who can see your key profile informa ..read more

The company has unearthed 98,000 “malicious apps,” which have infected 43 million devices. This can now be viewed as an endemic problem with mobile apps downloaded from Google’s Play Store—despite Google Protect and the App Defense Alliance. In its report, Upstream explains the methods by which users are enticed to install malicious malware and then grant a raft of permissions that goes way beyond what is required for the app’s claimed purpose. There is also the issue that such apps can lead to devices being infected with more dangerous malware. If you insist on installing trivial apps from un ..read more

WhatsApp is found to have disclosed as many as 12 vulnerabilities in 2019, significantly higher than the one or two security flaws it reported in the past few years. WhatsApp also last year faced a controversy in India when a vulnerability was used to allegedly enable snooping of human rights activists and journalists in the country through an Israeli spyware called Pegasus.According to the entries available on the US National Vulnerability Database (NVD), WhatsApp reported 12 vulnerabilities last year. A total of seven vulnerabilities of the total count were classed as “critical”.The list of ..read more

Juice jacking is becoming a real threat for people, especially for those charging their phones using public USB outlets. These attacks often occur at public charging stations in airports and hotels. Once installed, the malware may lock the device or export data and passwords directly to the scammers ..read more

A new update to the Google Smart Lock app means that iPhone users can use the device as a physical 2-factor-authentication key - meaning that attackers can't get into your Google account without physically holding the phone. Google said it hopes that the updates to its program will help high-risk users, like members of political campaign teams, journalists, and activists, as well as professionals working in highly regulated industries like finance. The company has updated its Advanced Protection Program to allow users to use their iPhones as a security key to access Gmail, Drive, and other Goo ..read more

"Android Partners - who use the Android trademark and branding - are manufacturing devices that contain pre-installed apps that cannot be deleted, which can leave users vulnerable to their data being collected, shared and exposed without their knowledge or consent," the letter states. The concern surrounding bloatware hinges on the fact they exist without the standard Android security model, with pre-installed apps able to access the microphone, camera, and location by default. Presently, apps downloaded from the standard Google Play store require the user to "opt in" to access the more sensit ..read more

Google Android users could be about to get a security feature that’s been available on Apple’s ... [+] iPhone browser for a while: The ability to use biometrics to authenticate yourself when auto-filling passwords. Google Android users could be about to get a security feature that’s been available on Apple’s iPhone browser for a while: The ability to use biometrics to authenticate yourself when auto-filling passwords. That’s right, currently people who use Google Android’s Autofill service to remember their passwords, payment methods and other information, instead of a password manager such as ..read more

Spies can choose to set up an IMSI catcher to simulate a burner phone’s base station. It is advisable to use a burner phone that has a hardware kill switch for shutting off the microphones ..read more

Samsung is rolling out new OTA updates for a couple of its smartphones, and a tablet. These include the Galaxy A5 (2017), Galaxy A30s, and the Galaxy Tab S3 (LTE). The Galaxy A5 (2017) Android update brings with it the latest December 2019 security patch. The Galaxy A30s, on the other hand, is getting the November 2019 security patch update. The Galaxy Tab S3 update bumps up the software version to CSK2/CSK1/CSJ1 (region-specific). Earlier this month, Samsung released its Android 10 update roadmap for the Galaxy devices. The list revealed that the Samsung Android 10-based One UI 2.0 update wil ..read more