Android Archives

Android

If you can’t trust a MAC address, what can you trust?

The concept of random and changing MAC addresses is not brand new, but is beginning to have a real impact on how network tools operate. The idea that operating system vendors are providing users with increasing privacy by making it harder for big corporations to track them is a double edged sword. How can networking tools continue to provide critical services such as network access control, guest and BYOD services in an environment where the identifier of the endpoint, the MAC address, is no longer stable.

May 25, 2021 • 3 min read

networking

Talos Group

DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread

The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location. Even if the command and control (C2) is taken down, the DoNot team can still redirect the malware to another C2 using Google infrastructure. The approach in the final payload upload denotes a highly personalized targeting […]

October 29, 2020 • 1 min read

threat research

Talos Group

The Wolf Is Back…

Cisco Talos has discovered a new Android malware based on a leak of the DenDroid malware family. We named this malware “WolfRAT” due to strong links between this malware (and the command and control (C2) infrastructure) and Wolf Research, an infamous organization that developed interception and espionage-based malware and was publicly described by CSIS during VirusBulletin […]

May 19, 2020 • 1 min read

security

Anand Oswal

Stay Connected in Digital Spaces with OpenRoaming

Enabling customers, guests, and employees to automatically join wireless networks without passwords is good. Identifying their location, in real-time, to provide them with a personalized experience is even better.

November 19, 2019 • 6 min read

networking

Talos Group

Gustuff banking botnet targets Australia

Cisco Talos has uncovered a new Android-based campaign targeting Australian financial institutions. As the investigation progressed, Talos came to understand that this campaign was associated with the "ChristinaMorrow" text message...

April 9, 2019 • 1 min read

threat research

Talos Group

ExileRAT shares C2 with LuckyCat, targets Tibet

Cisco Talos recently observed a malware campaign delivering malicious Microsoft PowerPoint document using a mailing list run by the Central Tibetan Administration (CTA), an organization officially representing the Tibetan government-in-exile....

February 4, 2019 • 1 min read

threat research

Talos Group

Persian Stalker pillages Iranian users of Instagram and Telegram

State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications. Starting in 2017 and continuing through 2018, Cisco...

November 5, 2018 • 1 min read

threat research

Talos Group

Fake AV Investigation Unearths KevDroid, New Android Malware

Talos identified two variants of the Android Remote Administration Tool (RAT) with the capability to steal information on the compromised device (contacts, SMS and phone history) and record phone calls.

April 2, 2018 • 1 min read

threat research

John Gaudin

The Mobile Workspace For Collaboration

The first thing you may wonder is how can you have a mobile workspace. After all, the point of being mobile is that you can be anywhere and if you’re anywhere, you may not have a physical workspace. This means your accessories must also be mobile. They should fit in your pockets, or at least […]

October 13, 2015 • 3 min read

collaboration