Mobile & Wireless

Skype Fixes Privacy Vulnerability in Skype for Android

Today, Skype released a new version of the Skype for Android application containing a fix to the recent vulnerability reported last week.

Mike Lennon

April 20, 2011

Today, Skype released a new version of the Skype for Android application containing a fix to the recent vulnerability reported last week.

Last week, a researcher discovered and shared the details of a vulnerability that stemmed from how Skype stores data, such as your contacts, profile, instant message logs, and more. The Skype application left these files completely unencrypted and with improper permissions, allowing anyone or any application to read them.

A Skype representative told SecurityWeek that they have not had any reports of 3rd party malicious applications misusing information from the Skype directory on Android devices. Skype said they will continue to monitor the situation closely.

Skype highly encourages users to download Skype only from skype.com, or from the Android Market links on skype.com.

Interested in Mobile & Device Security? Register for the Live Webinar: 04/27 at 1PM EST: “I Know What Your Employees Did Last Week” Presented by Award Winning Author, Robert Vamosi.

Written By Mike Lennon

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Latest News

Click to comment

Virtual Event: Threat Detection and Incident Response Summit

Wednesday, May 24, 2023

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Virtual Event: CISO Forum Virtual Summit

June 13-14, 2023

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Breaking Enterprise Silos and Improving Protection

When teams have a way to break down enterprise silos and see and understand what is happening, they can improve protection across their increasingly dispersed and diverse environment. (Matt Wilson)

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor decisions if you don’t start with understanding your threat landscape. (Marc Solomon)

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Industry standard frameworks and guidelines often lead organizations to believe that deploying more security solutions will result in greater protection against threats. (Torsten George)

Cutting Through the Noise: What is Zero Trust Security?

With proactive steps to move toward Zero Trust, technology leaders can leverage an old, yet new, idea that must become the security norm. (Marie Hattar)

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

A wave of layoffs, coupled with increased recruitment efforts by cybercriminals, could create the perfect conditions for insider threats to flourish (Derek Manky)

Mobile & Wireless

Mobile Security Client Market to Hit $2.9 Billion by 2017: Report

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

SecurityWeek NewsApril 30, 2013

New iOS exploit blamed on US intelligence

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Ryan NaraineJanuary 23, 2023

Mobile & Wireless

Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Ryan NaraineMarch 16, 2023

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Ionut ArghireJanuary 24, 2023

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Ionut ArghireJanuary 23, 2023

Mobile & Wireless

Android’s February 2023 Updates Patch 40 Vulnerabilities

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Ionut ArghireFebruary 9, 2023

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Eduard KovacsJanuary 24, 2023

Cybercrime

Sophisticated ‘VastFlux’ Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Ionut ArghireJanuary 20, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Mobile & Wireless

Skype Fixes Privacy Vulnerability in Skype for Android

More from Mike Lennon

Latest News

Virtual Event: Threat Detection and Incident Response Summit

Virtual Event: CISO Forum Virtual Summit

Expert Insights

Breaking Enterprise Silos and Improving Protection

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Cutting Through the Noise: What is Zero Trust Security?

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

Related Content

Mobile & Wireless

Mobile Security Client Market to Hit $2.9 Billion by 2017: Report

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Mobile & Wireless

Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Mobile & Wireless

Android’s February 2023 Updates Patch 40 Vulnerabilities

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Cybercrime

Sophisticated ‘VastFlux’ Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted

SECURITYWEEK NETWORK:

ICS:

More from Mike Lennon

Latest News

Trending

Daily Briefing Newsletter

Virtual Event: Threat Detection and Incident Response Summit

Virtual Event: CISO Forum Virtual Summit

Expert Insights

Breaking Enterprise Silos and Improving Protection

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Cutting Through the Noise: What is Zero Trust Security?

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

Related Content

Mobile & Wireless

Mobile Security Client Market to Hit $2.9 Billion by 2017: Report

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Mobile & Wireless

Project Zero: Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Exploits

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Mobile & Wireless

Android’s February 2023 Updates Patch 40 Vulnerabilities

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Cybercrime

Sophisticated ‘VastFlux’ Ad Fraud Scheme That Spoofed 1,700 Apps Disrupted