A rooting application has been found in the wild targeting Nexus mobile devices using a local privilege escalation vulnerability patched two years ago in the Linux kernel that remains unpatched in Android. Researchers at Zimperium, the same company that discovered last summer’s Stagefright flaws affecting Android, privately disclosed to Google last Tuesday they found an...

Source code for the potent Android malware GM Bot has been leaked to underground forums, according to IBM security experts. The impact, IBM X-Force threat intelligence says, will be an uptick in GM Bot variants and the number of attacks targeting financial applications on Android-based devices. Limor Kessem, a cybersecurity analyst with IBM Trusteer, said...

Google today patched Nexus devices in an over-the-air update against a critical vulnerability that could be exploited by an attacker on the same Wi-Fi network. The patch addresses multiple vulnerabilities in the Broadcom Wi-Fi driver that could be abused to allow for remote code execution. The patches were pushed out in builds LMY49G or later...

Mike Mimoso and Chris Brook discuss the week in news, including the Linux zero day–how it was patched in Android, Twitter users sent nation state messages that are still looking for answers, and bot fraud. Download: news_wrap_01-08-16.mp3 Music by Chris Gonsalves

Google is downplaying the scope of the critical Linux vulnerability patched this week, suggesting that the number of affected Android devices has been exaggerated. The Android OS is built upon the Linux kernel, but minus many of the libraries that are included in standard Linux builds. Initially, startup Perception Point said that upwards of two-thirds...

Asacub, once thought of as spyware, appears to have completed its transition into mobile banking malware, according to research published this week. When the Android malware surfaced in June 2015, researchers with Kaspersky Lab assumed it was spyware. It more or less fit the part; Asacub siphoned incoming SMS messages, browser history, and contacts — and...

Silent Circle, makers of the security and privacy focused Blackphone, have patched a vulnerability that could allow a malicious mobile application or remote attacker to access the device’s modem and perform any number of actions. The update was released Dec. 7 in version 1.1.13 RC3; details of the issue were disclosed today by SentinelOne, which...

Since last summer’s Stagefright vulnerabilities toppled the Android world for a few weeks, researchers inside and out of Google have been taking a close look at not only the maligned media playback engine, but also at Mediaserver where it lives. Today’s release of the monthly Android Nexus Security Bulletin includes patches for another critical vulnerability...

With 2015 more or less in the rear view mirror Mike Mimoso and Chris Brook discuss the year in security: Wassenaar, ransomware, Carbanak and Equation Group,how big of a deal Stagefright was, that Juniper backdoor, and more. Download: tp_2015_in_review.mp3 Music by Chris Gonsalves

Google has patched another critical Android vulnerability in Mediaserver, which has been maligned since this summer’s barrage of patches for the Stagefright vulnerability, along with a critical rooting vulnerability in the mobile operating system’s kernel. In all, 19 vulnerabilities were patched in Monday’s monthly over-the-air security update for Google Nexus mobile devices, five rated critical,...