Cybersecurity Insights

Stay updated on the latest cybersecurity issues including emerging threats and vulnerabilities.

Commentary
2 weeks ago
4 Mins
Blue pearl-like balls raining down on an open umbrella.
Commentary

Safeguarding Mobile Apps: Insights from a Verimatrix-Sponsored Event

Check out this recap of an ISMG roundtable event spnsored by Verimatrix. Get exclusive access to discussions on generative AI, SDLC, and more.
07/03/2024
The head of an anonymous person disappearing into the ether.
Commentary

Android And iPhone Users Must Now Face Off With GoldPickaxe That’s Depleting Bank Accounts

Learn about GoldPickaxe, a deepfake-driven malware targeting iOS/Android and exploiting social engineering to break into victims' bank accounts.
05/03/2024
A person reading social media posts and being influenced by fake news.
Commentary

Why iOS Mobile App Developers Need Added Security

This threat commentary by Verimatrix highlights the new vulnerabilities facing iOS devices and the proactive measures developers can take to enhance security.
04/03/2024

Join our newsletter

Get the latest cybersecurity insights delivered straight to your inbox.

All threat advisories and articles.

A soft drink can with a metal straw sitting in a small flamingo floatie
Commentary

Security Threats and Challenges Faced by Hospitality Mobile Apps and Websites

Heard about the MGM Resorts cyberattack? Verimatrix reveals the vulnerabilities exploited by malicious actors targeting hospitality mobile apps and websites.
Blue pearl-like balls raining down on an open umbrella.
Commentary

Safeguarding Mobile Apps: Insights from a Verimatrix-Sponsored Event

Check out this recap of an ISMG roundtable event spnsored by Verimatrix. Get exclusive access to discussions on generative AI, SDLC, and more.
The head of an anonymous person disappearing into the ether.
Commentary

Android And iPhone Users Must Now Face Off With GoldPickaxe That’s Depleting Bank Accounts

Learn about GoldPickaxe, a deepfake-driven malware targeting iOS/Android and exploiting social engineering to break into victims’ bank accounts.
A person reading social media posts and being influenced by fake news.
Commentary

Why iOS Mobile App Developers Need Added Security

This threat commentary by Verimatrix highlights the new vulnerabilities facing iOS devices and the proactive measures developers can take to enhance security.
A group of people looking at their smartphones individually and reading something interesting.
Threat Roundup

Cybersecurity Threat Roundup #9: Fake LastPass app, MavenGate, Moqhao, and more

Stay vigilant against cyber threats with Verimatrix’s Cybersecurity Threat Roundup. Boost defense strategy with timely advisories and intelligence reports.
Commentary

A Quick Look at Singapore’s New Safe App Standard

Singapore recently debuted its new Safe App Standard, the country’s own set of guidelines to boost mobile app security and protect consumers from cyber attacks.
Commentary

NY Fraud Compensation Lawsuit Ushers in Latest Emphasis on Mobile Banking Security

NY fraud compensation lawsuit puts the emphasis on properly deployed mobile banking security measures to prevent disastrous breaches and save money.
Commentary

VajraSpy RAT: Getting a Foot Inside the Store Once Again

Verimatrix’s commentary on the recent detection of the VajraSpy RAT found to be concealed withn Google Play store apps.
Rows of colorful eyes
Threat Roundup

Cybersecurity Threat Roundup #8: Autospill, BLUFFS, Xamalicious, and more

Stay informed with Verimatrix’s Cybersecurity Threat Roundup. Boost your defense strategy with timely advisories and comprehensive intelligence reports.
A visual representation of hackers trying to influence Android phone users through compromised mobile apps.
Commentary

Xamalicious Malware: Android’s Accessibility Services Exploited Once Again

Xamalicious malware raises concerns about Android app security. This article by Verimatrix exposes its infiltration tactics and impact on user privacy.
A colorful collage of Japanese fox masks, fans, flowers, and waters.
Commentary

Crossing the Line: Affiliate-Related Attacks Via the Popular Japanese Messaging App

Verimatrix’s insights into the recent Line app data breach: An affiliate-related attack compromises user data, signaling a need to bolster mobile app security.
A conversation with Karl Schenk, Head of VMX Labs and Product Security, and Tom Powledge, Head of Cybersecurity Business
Commentary

A Sit-Down with Heads of VMX Labs and Verimatrix Cybersecurity Business

Insights from the Heads of VMX Labs and Verimatrix Cybersecurity Business reveal the growing need for robust mobile app protection. Learn what they are here.
Three chairs being balanced on top of one another.
Threat Roundup

Cybersecurity Threat Roundup #7: Enchant, FjordPhantom, IMUTA, and more

Stay abreast of the latest mobile app threats with Verimatrix’s Cybersecurity Threat Roundup. Bolster your defenses with advisories, patches, and intel reports.
A multi-layered representation of EU states joining together for a common cause.
Commentary

The EU Gets Serious About Mobile App Security

CRA regulations reshape the European mobile app security landscape. Verimatrix provides trusted CRA-ready solutions for app developers and publishers.
An abstract representation of two people facing each other but their faces have fibre optic cables.
Commentary

Deconstructing a Mobile Banking App Overlay Heist

Our Verimatrix experts dive into the intricate world of mobile banking security breaches. Learn about the mechanics behind overlay attacks on banking apps here.
A fake mobile app that is hiding a malicious threat.
Commentary

Beta Beware: The Dark Side of Mobile App Trials

Understand the cybersecurity menace surrounding mobile app trials, where fake beta versions can expose users to financial scams and unauthorized access.
A person holding a smartphone that is on fire.
Commentary

The Dark Side of Discounts: Voucher Fraud in Mobile Apps

Beware of fake vouchers in your mobile apps! Discover the tactics fraudsters employ to exploit discounts and compromise user experiences.
A warning sign showing that there is to be no hidden bugs in the code.
Threat Advisory

Verimatrix Researchers Expose App Developer Spewing Malware

Fake apps exposed! Verimatrix researchers reveal malware-infected apps by Simi Studio. Learn about the risks and fortify your defenses against unseen threats.
Hackers behind an obstacle trying to break through to the other side.
Threat Roundup

Cybersecurity Threat Roundup #6: Arid Viper, Caracal Kitten, iLeakage, and more

Stay vigilant against cyber threats with Verimatrix’s Cybersecurity Threat Roundup. Boost your defense strategy with timely advisories and intelligence reports.
A person using binocular to uncover the latest cybersecurity threats.
Threat Roundup

Cybersecurity Threat Roundup #5: EvilBamboo, Smishing Triad, WiKi-Eve and more

Stay vigilant against cyberattacks with Verimatrix’s Cybersecurity Threat Roundup. Enhance your knowledge with expert advisories and comprehensive intel.
A mobile device and a website interface with advanced security features for retail protection.
Commentary

Securing the Storefront: Reimagining Retail Mobile App and Website Protections

Retailers create mobile apps to facilitate online shopping, but without app shielding, these apps are often vulnerable to hacking attempts and fraud.
A cybernetic spider crawling on a web of code.
Threat Advisory

GoldDigger: The Systematic Abuse of Android Accessibility Services Is Now a Thing

Read about the emergence of GoldDigger, a new Trojan exploiting Android Accessibility Services, and its impact on mobile banking security.
A mysterious man dressed in a well-tailored suit, standing in a large room full of floating spheres.
Commentary

Dangerous Downloads: What the FDM Hack Teaches Us About Supply Chain Risks

Heard about the FDM hack? Find out how it exposes supply chain risks and how attackers compromise trusted sources in this insightful article by Verimatrix.
A glowing pair of eyes staring back at the reader.
Threat Roundup

Cybersecurity Threat Roundup #4: BadBazaar, CypherRAT, CraxsRAT and more

Stay one step ahead of cyberattacks with Verimatrix’s Cybersecurity Threat Roundup. Elevate your defense strategy with advisories and in-depth intel reports.
A masquerade ball mask
Commentary

Malware Masquerade: The Danger of Repackaged App Attacks and AI Voice Fraud

Your smartphone and voice identity is under threat from new cyber threats! Read about repackaged attacks and AI voice fraud in this eye-opening read.
A malicious hacker hidden from identification.
Commentary

Ghost in the Code: Blind Spots in Mobile App Development

Learn how developers can protect users and data in an evolving threat landscape. Don’t let blind spots in mobile app development compromise your security.
A shield against malicious code.
Commentary

Federal Cybersecurity Gets a Boost: A Proliferation of New Initiatives

The U.S. government is making great strides to fortify cybersecurity with new regulations, transparency, and a united strategy for digital defense. Read now!
A man stares out a window at a lightning storm.
Threat Roundup

Cybersecurity Threat Roundup #3: Anatsa, CherryBlos, DoNotAPT and more

Check out Verimatrix’s Cybersecurity Threat Roundup for insights into the newest mobile app threats. Inform your app security using advisories, patches, etc.
A bunch of creepy hands coming out of a portal.
Commentary

What You Don’t Know Can Hack You: Software Supply Chain Attacks in Mobile Apps

Mobile app developers, stay vigilant! Defend against software supply chain attacks with secure code reviews, regular updates, and monitoring.
Mobile app monitoring
Commentary

Mobile App Monitoring is Winning Over Skeptics and Gaining Acceptance with Banks

Mobile app monitoring gains acceptance in banks, enhancing security and threat detection. Explore XTD solutions for proactive defense.
Commentary

5 Fraud Tactics Deployed by Mobile App Banking Trojans

Learn about cunning tactics used by banking trojans to exploit mobile apps and steal sensitive information from banks and their customers.
Threat Roundup

Cybersecurity Threat Roundup #2: SpinOk, AhRat, Bogus QR Codes and more

Our second issue lists the most pressing cybersecurity threats and vulnerabilities facing businesses across the globe. Stay updated with our quick snippets, intelligence reports, and direct links to more in-depth resources.
Commentary

$100,000 Smackdown: FTC Targets Health App Developers

Read about the FTC’s focus on healthcare data breaches and the need for better safeguards by healthcare app developers to avoid penalties.
Threat Advisory

By HOOK Or By Crook: The Insidious Launch Overlay Attack Targeting Financial Institutions

HOOK a relatively new mobile app malware largely targeting financial institutions in Poland that has now spread worldwide.
Commentary

Goldoson and the Dark Side of Third-Party Mobile App Libraries

The recent Goldoson malware is a software supply chain attack that has affected more than 100 million downloads associated with 60 mobile apps.”
Threat Roundup

Cybersecurity Threat Roundup #1: Chameleon, Hiddad, DAAM Android Botnet and more

In our inaugural issue, we list down the most pressing cybersecurity threats and vulnerabilities facing businesses across the globe. Stay updated with our quick snippets, intelligence reports, and direct links to more in-depth resources.
Threat Advisory

Hackers Use GoatRAT Variant to Exploit Android Accessibility Services to Attack Mobile Apps

The recent GoatRAT variant targeting Brazilian banks shows that app developers need to implement greater protections that can sniff out this abuse on a mobile device. Where we see smoke today, there is likely to be a fire tomorrow.
Uncategorized

Securing the Road Ahead: Automotive Security Done Right

A new vehicle rolling off the assembly line today has more lines of code than a modern passenger jet. It includes complex infotainment, telematics, and infrastructure systems, all of which must work together in perfect harmony and synchronization to keep the driver connected, informed, and safe.
A person who maintains an anonymous identity.
Threat Advisory

Screen Spoofing: Dangerous Mobile App Overlay Attacks On the Rise

Overlay attacks are a long-known major threat to mobile apps that have made their presence known in a big way in the last few months, becoming more dangerous with new logistics of attack.
A person's face that is wearing sunglasses.
Commentary

Enhancing Application Security Protections: A Look at the Zero-Code Injection Approach to Prevent Reverse-Engineering

Zero-code injection technology serves as a high-value yet low-effort security measure that significantly enhances an application’s protection against reverse-engineering.
A person using an unprotected smartphone that is vulnerable to hackers.
Commentary

Is Mobile App Security Your Organization’s Weakest Link?

Mobile applications are the main way organizations communicate with their customers. It is also the newest pathway for hackers to gain access to sensitive data.
A visual representation of code obfuscation and polymorphism for application security.
Commentary

The Importance of Code Obfuscation and Polymorphism to Application Security

By making source, byte, or machine code significantly more difficult to understand by humans, code obfuscation stands as an essential aspect of application security.
A neon sunrise.
Commentary

A Look Beyond Traditional RASP, MTD and WAF Technologies

The need for proven measures to protect them against malicious attacks remains more important than ever for any organization dependent on the success of critical applications.

You might be interested in:

White Papers

OWASP Mobile Top 10

March 18, 2024

State of Enterprise Mobile App Security – 2023

November 16, 2023

Ensuring Mobile Gaming Security

October 15, 2023

Protecting Mobile Gambling Apps

July 20, 2023

Zero Trust, Zero Compromise

Our approach to cybersecurity is based on the Zero Trust model, which assumes that no user or device can be trusted by default. We will take a Zero Compromise stance on security, ensuring that every aspect of our clients’ systems and data is protected with the highest levels of encryption, access control, and authentication.