February 12, Securityweek – (International) Google Play, browser flaws expose Android devices to remote code execution. Researchers at Rapid7 reported that vulnerabilities in Google Play due to a lack of appropriate X-Frame-Options (XFO) headers combined with a universal cross-site scripting (UXSS) vulnerability in browsers shipped with Android versions prior to 4.4 (KitKat), or a cross-site scripting (XSS) bug in Google Play, could be leveraged by attackers to remotely install arbitrary Android application packages (APKs) on smartphones. Attacks can be prevented by logging out of the Google account prior to using the affected browsers, or by using Mozilla FireFox or Chrome instead. Source
February 11, Softpedia – (International) Simplocker ransomware for Android returns with new version. Avast researchers reported that over 5,000 unique users were infected by a newly discovered Simplocker ransomware variant for Android that poses as an Adobe Flash Player update, employs unique encryption keys to make unlocking difficult, and displays a fake notification from the FBI about suspicious files and copyright infringement to fool victims into paying the $200 ransom. Source
February 12, PC World – (International) Several PayPal-mimicking phishing sites taken offline. Open DNS researchers found a number of phishing Web sites that appear as legitimate PayPal sites being used to steal user’s login credentials. PayPal is working to shut down the fraudulent sites. Source