Welcome to the week’s mobile security news that matters – the NowSecure #MobSec5.
This edition includes:
- Android security update
- Apple WWDC 2017 videos and slides published
- First Android malware with code injection capabilities
Thanks for reading. Have a great weekend, be good, and stay safe.
P.S. If you’re in the market for mobile app security testing technology, download Gartner’s 2017 Market Guide for Mobile Application Security Testing for free from our website.
Subscribe now to receive #MobSec5 updates each Friday in your inbox.
Android Security Bulletin—June 2017
(Android Open Source Project)
“The most severe of these issues is a critical security vulnerability in Media Framework that could enable a remote attacker using a specially crafted file to cause memory corruption during media file and data processing.”
WWDC 2017: iOS 11, New Macs, HomePod and More
“The 2017 Worldwide Developers Conference keynote was Apple’s biggest event in years, with the company introducing both new software platforms and a range of new hardware products.”
In addition to new product announcements, the WWDC 2017 schedule included a number of sessions focused on privacy and security. Apple has published video, slides, and resources for “Your Apps and Evolving Network Security Standards,” “Privacy and Your Apps,” and “What’s New in Signing for Xcode and Xcode Server” on the Apple Developer website.
Google Removes Rooting Trojan Dvmap From Play Store
“Google removed a nasty Trojan from Google Play earlier this week that could have rooted Android devices and injected malicious code into an infected device’s system library.”
According to a write-up from Senior Malware Analyst Roman Unuchek, people downloaded the Dvmap malware more than 50,000 times before Google removed it from the Google Play store. Dvmap can achieve root access, inject code into system runtime libraries, and change system settings to turn off Android’s Verify Apps feature and allow installation of apps from unofficial app stores. We discussed mobile banking Trojans on the NowSecure blog this week and what financial institutions can do to protect the users of their apps.
“Mobile application assessments can be useful tools for enterprises that want to strengthen mobile security policies. Here’s how to use an app assessment.”
“Cybercriminals have moved to a new level when attacking mobile devices replacing their simplistic attack methods with sophisticated and stealthier models that now use chain attacks.”
June 2017 Release Notes: Google APIs for Android
Google has added a number of new SafetyNet features.
“Today, on reCAPTCHA’s tenth birthday, we’re glad to announce the first reCAPTCHA Android API as part of Google Play Services. With this API, reCAPTCHA can better tell human and bots apart to provide a streamlined user experience on mobile.”
“As soon as the user presses ‘OK,’ the malware prompts the installation of another APK named ‘Update.’ The Update app asks for administrator privileges which, if granted, can’t be revoked.”
initroot: Hello Moto
“Exploiting CVE-2016-10277 on Moto G4 & G5 for Secure Boot Bypass.”
FTC Announces Third PrivacyCon, Calls for Presentations
(Federal Trade Commission)
“As part of this initiative, the FTC is seeking general research that explores the privacy and security implications of emerging technologies, such as the Internet of Things, artificial intelligence and virtual reality.”