The cybersecurity and enterprise world have deep knowledge of attacks towards computers and servers running Linux or windows but not towards mobile operating systems such as Android and iOS and others.

In the digital era, most people use their smartphone to browse the internet, and bring your own device has become the norm in the workplace, but these smart devices are the victims of embedded malware developed by skilled hackers, who are willing to extract as much as information for their own financial benefit.

Most of the mobile malware creators are interested in the following information from your smartphone:

MSISDN/telephone…

Quando fala-se de virus moveis muita gente ainda pensa que é um mito e que esses tipos de virus não existem, mas esses virus são muitos comuns e afectam todas as plataformas ou sistemas operativos.

Antes de explicar qual sistema mas suscetível a infecçōes de virus, primeiro vou falar sobres os sistemas operativos e a segurança que eles oferecem para prevenção contra esses virus.

Sistemas operativo Android

O Android é um sistema operativo de código aberto da Google, a Google permite que os fabricantes de smartphones façam alterações e personalizem a parencia do sistema operativo. …

What is Single Ring Solicitation Fraud (Wangiri Fraud)?

Single ring solicitation Fraud

• Happens when a fraudster uses one or more Premium Rate Numbers or High Tariff numbers to generate a large number of missed calls to a specific or multiple ranges of MSISDNs belonging to an telecommunication operator. These destination numbers are usually unknown to the subscribers that receives the missed calls.
• The fraudster generates these Single ring solicitation Calls expecting the subscribers to return the calls to Premium Rate Numbers or High Tariff numbers, so that they can generate some revenue from it therefore it is concluded by fraud experts that “The motivation behind this fraud is international revenue share fraud”.

Analyzing the difference between normal ISUP calls from Single Ring Solicitation calls

• …

Mapping of USSD Top 10 Security Risks

Security should be at the heart of software systems, especially when there is money involved. In mobile money or mobile payment ecosystems which enable USSD feature are exposed to some risks can affect the credibility of the service and can be detrimental for the organization's revenue, if they are not taken into account and prevented before launching a mobile money service. Below are the most prevalent risks for mobile money payments related to USSD and the recommendations to mitigate them.

01. INSECURE COMMUNICATION

A cybercriminal can tamper with USSD command requests and responses by conducting man-in-the-middle…

Some of the top 5 technical books I have read — December 2020 to February 2021 edition.

In my quest to become the security professional that I am today, I have learned from multiple sources and one of these key sources are the technical books that I read, apart from the RFC, online courses, and of course the articles on Medium published by very skilled security professionals.

I would like to share some of the top 5 technical books and I will continue to share more.

1. Black Hat python, 1st Edition.

The book is written by Justin and Tim Arnold and foreword by one of…

In the digital era, we find ourselves connected to the internet all the time and from multiple devices. All these connected devices can be compromised by cybercriminals to steal sensitive data such as credit card numbers, passwords, and others.

To increase the level of difficulty for a criminal who seeks to compromise your devices and stealing your information, one can adopt the following preventive measures.

1. Enable Automatic Updates By Default

Enabling automatic updates can save you from a lot of trouble. if your devices are not running the latest software then it is vulnerable to multiples attacks that can happen when you browse a website…

WHAT IS SMS PHISHING?

SMS phishing is the act of committing text message fraud to try to lure victims into revealing account information or installing malware.

In SMS phishing, Cybercriminals use a text message to try to get potential victims to give out personal information. The text message, which typically contains a link to a fake website that looks identical to the legitimate site, asks the recipient to enter personal information. Fake information is often used to make the texts appear to be from a legitimate organization or business.

WHY IS IT VERY COMMON NOW?

Due to the rapid adoption of smartphones and smartphones are the primary computing platform for…