The Hacker News

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts

The Hacker News

New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices

A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives.

The Hacker News

Google Play Store Highlights 'Independent Security Review' Badge for VPN Apps

Google is rolling out a new banner to highlight the "Independent security review" badge in the Play Store's Data safety section for Android VPN apps that have undergone a Mobile Application Security Assessment (MASA) audit. "We've launched this banner beginning with VPN apps due to the sensitive and significant amount of user data these apps handle," Nataliya Stanetsky of the Android Security

The Hacker News

Over Half of Security Leaders Lack Confidence in Protecting App Secrets, Study Reveals

It might come as a surprise, but secrets management has become the elephant in the AppSec room. While security vulnerabilities like Common Vulnerabilities and Exposures (CVEs) often make headlines in the cybersecurity world, secrets management remains an overlooked issue that can have immediate and impactful consequences for corporate safety.  A recent study by GitGuardian found that 75% of IT