Android lets advertisers get a list of all your apps — and this API feature is broadly used

zdnet.com advertiser, advertisers, age groups, android, api calls, api feature, app developers, app incompatibilities, application methods, applications, apps, beliefs, danger, developers, fact, feature, fingerprint, gender, google, iams, interactions, interests, languages, list, many, operating system, privacy, research paper, set, study, traits, use, user, user privacy, users

In-depth study looks at the usage of installed application methods (IAMs) API calls across the Android ecosystem.

Week in review: Supply chain security, Android flaw opens users to advanced SMS phishing

helpnetsecurity.com ak, android, articles, attack surface, browser, check point research, cryptomining, danfoss, danfoss scada, default, devices, em 800, enhanced tracking protection, feature, firefox, flaw, healthcare organizations, huaw, lot, mozilla, news, number, overview, patch, podcasts, product, review, samsung, scada, scripts, security, security flaw, security hole, sms phishing, sms phishing attacks, some, supply chain security, surface, testing, tracking cookies, tweaking, users, vulnerabilities

Here’s an overview of some of last week’s most interesting news, articles and podcasts: How to reduce the attack surface associated with medical devices

Android OTA Bug May Have Affected Over One Billion Users.

infosecurity-magazine.com agents, android, attackers, authentication, authenticity checks, bug, check point, control, devices, flaw, hackers, handset manufacturers, handsets, huawei, message senders, messages, network operators, oma cp, open mobile alliance client provisioning, ota, ota bug, ota provisioning, over-the-air, proxy server, result, samsung, security researchers, settings, sms phishing attacks, spoof, updates, user, users, vulnerability, way

Check Point discovered dangerous new smishing hole

Zero-day disclosed in Android OS

zdnet.com access, android os, app vulnerabilities, attacker, attackers, code, control, details, device, driver, hacks, input, input data., mobile operating system, news, pdf, phones, privilege escalation issue, scenario, user, users, v4l2, video for linux, vulnerability, vulnerbility

Android project maintainers fail to fix dangerous privilege escalation bug six months after initial report.

Flaw in Android Phones allowing attackers to Divert Emails. – IT Security Guru

itsecurityguru.org android phones, attack, attackers, brands, carriers, check point software technologies, configurations, dark reading, design weaknesses, directory server, e-mail, emails, features, flaw, huawei, it security guru, lg, links, network, ota, over-the-air, phone carrier, phone carrier, phones, provisioning messages, researchers, samsung, security researchers, service message, smartphones, sony, source, spoofing, spoofing messages, technique, text messages

Researchers find that a spoofing a service message from the phone carrier is simple and effective on some brands of Android smartphones. Using text messages with embedded links, security researchers…

Android Zero-Day bug didnt make the cut on the Google Fix List.

itsecurityguru.org access, actions, android, attacker, bleepingcomputer, bug, cut, device, files, fix, google, google fix list, kernel level, mobile operating system, one, order, permissions, position, privilege escalation, security flaws, security patches, source, system

Google yesterday rolled out security patches for the Android mobile operating system but did not include the fix for at least one bug that enables increasing permissions to kernel level. Security…

Phishing attacks causing vulnerability to millions of Android phones.

itsecurityguru.org actors, agent, android, attack vector, attacker, carriers, check point, control, cybercriminal, half, investment, levels, millions, mobile phones, network, ota, over-the-air, phishing attack, phishing attacks, phone owners, phone settings, phones, process, provisioning, researchers, sc magazine, settings, use, vulnerability

More than half of the Android mobile phones in use are susceptible to an advanced text-based phishing attack that only requires a cybercriminal make a $10 investment. Check Point researchers found…

Android exploits are now worth more than iOS exploits for the first time

zdnet.com android 10, announcement, company, ever., exploit chain, exploit chain, exploits, google, government, hackers, image, ios, law enforcement agencies, maximum, price, price list, release, rewards, security researchers, software exploits, some, spokesperson, time, user interaction, zerodium

Exploit broker Zerodium increases zero-day prices for Android, now worth more than iOS.