malware

Millions Of Android Users Vulnerable To Security Breaches

Source: http://www.businessinsider.com/android-security-vulnerability-2013-8

Android Phones

Millions of Android smartphone users are susceptible to security vulnerabilities such as viruses and malware, according to an internal bulletin prepared by the Department of Homeland Security and the FBI.

The July 23 bulletin, obtained by the website Public Intelligence, reveals that Android — as the most widely used mobile OS — continues to be the target of attacks due to “its market share and open source architecture.”

“44 percent of Android users are still using version 2.3.3 through 2.3.7 — known as Gingerbread — which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions,” the bulletin reads.

Android leads the smartphone market, with roughly 80% global market share. While more popular in the consumer, rather than the public sector, the bulletin warns that software needs to be kept up-to-date as more federal, state, and local authorities use Android.

The bulletin describes some of the threats if the OS isn’t updated to the latest, and more secure software. These include viruses that send out text messages without the user’s knowledge, and “rootkits,” which are able to log user locations and passwords.

The current 4.3 version of Android, known as Jelly Bean, is considered much safer — with a built-in feature that allows users to scan installed apps for signs of malicious or dirty code, according to Phandroid.

Join the conversation about this story »


    



Tags: , , , , , , , , , , , , , , ,

Monday, August 26th, 2013 Uncategorized No Comments

Microsoft’s Anti-Android Twitter Campaign Blew Up In Its Face (MSFT, GOOG)

Source: http://www.businessinsider.com/microsofts-anti-android-twitter-campaign-blew-up-in-its-face-2012-12

Microsoft’s official Windows Phone Twitter account began a hashtag campaign yesterday asking people to use #droidrage to complain about malware on Android devices.

(It’s often a complaint that Android devices are more susceptible to malware than other phones. However, Google has done a good job at cracking down on malicious apps in its Google Play app store, so it hasn’t really been a problem for most people lately.)

As one would expect, the campaign is blowing up in Microsoft’s face.

Android fans used the hashtag to blast Microsoft’s new Windows Phone 8 operating system. We searched the hashtag and picked out a few good ones. Thanks to DroidLife for picking up on this. 

Now check out our review of HTC’s Windows Phone 8x >

Enjoy:

Whoops. Just activated another million devices today. Sorry bout that, @windowsphone. #DroidRage

— Android Central (@androidcentral) December 5, 2012

My wireless mouse wasn’t compatible with Win8 so I downloaded an app on my Nexus phone to act as a mouse for my PC #DroidRage

— Mayur (@mayur24) December 5, 2012 < blockquote>

You are as vulnerable to malware on Android as you are on a desktop computer. Be smart. Think then press. #droidrage

— Jeanie Lam (@jeanielam) December 5, 2012

I hate how everyones windows phone looks the same and everyones android looks customized and personal! #DroidRage

— James Anthony (@_JamesAnthony) December 5, 2012

Please follow SAI: Tools on Twitter and Facebook.

Join the conversation about this story »

Tags: , , , , , , , , , , , , , , , , , , ,

Wednesday, December 5th, 2012 news No Comments

Source: http://gizmodo.com/5936536/new-frankenstein-virus-can-build-itself-on-any-computer-from-stolen-snippets-of-code

New Frankenstein Virus Can Build Itself on Any Computer From Stolen Snippets of CodeWhat if a virus were a shapeshifter, able to change its appearance each time it infects a machine? What if a virus used your own files against you, able to ransack the programs on your computer for the bits of code it needs? Judging from the progress made on the Frankenstein virus, a venture sponsored by the U.S. Air Force, that may soon be a reality.

Developed by two professors at the University of Texas at Dallas, New Scientist says the Frankenstein virus is essentially a program compliler with directions about the algorithms it needs to assemble. Once unpacked and functional, it begins searching the software on your computer for the code it needs—generally taking little snippets called gadgets. These gadgets are written to perform specific actions and thus can be transposed over to another program more easily. The researchers only had the Frankenstein virus create two simple algorithms as a proof of concept, but they believe it can assemble any program, including full-scale malware.

And though there have been other viruses that can change their code, Frankenstein is believed to be more dangerous because it can also change its every aspect of itself to hide on your computer.

Frankenstein is different because all of its code, including the blueprints and gadget-finder, can adapt to look like parts of regular software, making it harder to detect. Just three pieces of such software are enough to provide over 100,000 gadgets, so there are a huge number of ways for Frankenstein to build its monster, but it needs blueprints that find the right balance. If the blueprint is too specific, it leaves Frankenstein little choice in which gadgets to use, leading to less variation and making it easier to detect. Looser blueprints, which only specify the end effects of the malware, are too vague for Frankenstein to follow, for now.

Obviously the military wants this for its ongoing cyberwarfare efforts. But if this ever gets in the hands of script kiddies, we’re in trouble. [New Scientist]

Image by gualtiero boffi/Shutterstock

Tags: , , , , , , , , , , , , , , , , , , ,

Tuesday, August 21st, 2012 news No Comments

Fake Angry Birds Space Android App Is Full of Malware (Updated) [Android]

Source: http://gizmodo.com/5901691/psa-fake-angry-birds-space-android-app-is-full-of-malware

PSA: Fake Angry Birds Space Android App Is Full of Malware (Updated)There’s a fake Angry Birds Space app in the Android Market available on Android phones that infests your phone with malware.

According to Sophos, a digital security firm, the malware hides its “payload” deep inside two .JPEG files. Once installed, it downloads additional malware to your phone, and enlists your phone as part of a botnet. From there, your phone can be used as muscle for any number of hacker ops.

The easy way to avoid getting nailed by fake app malware is to always be sure to check the developer on any app you download. If you’ve already downloaded Angry Birds Space, take a second to make sure that you’ve got the right one, and if not, consider securely wiping your phone once you’ve backed up important data.

Malware happens, but erm, isn’t this one that Google’s Android Market Bouncer really should have caught? [Business Insider via All Things D]

Update: We originally posted that the fake app was available through the Android Market. That’s incorrect. It is only available through third party stores, so if you go through official Android channels for your apps, you shouldn’t have any problems.

Tags: , , , , , , , , , , , , , , , , ,

Friday, April 13th, 2012 news No Comments

Source: http://gizmodo.com/5882888/new-man-in-the-browser-attack-bypasses-banks-two+factor-authentication-systems

New "Man in the Browser" Attack Bypasses Banks' Two-Factor Authentication SystemsThe banking industry often employs two-step security measures—similar to Google Authenticator—as an added layer of protection against password theft and fraud. Unfortunately, those systems have just been rendered moot by a highly-advanced hack.

The attack, know as the Man in the Browser method, works like this. Malicious code is first introduced onto the victim’s computer where it resides in the web browser. It will lay dormant until the victim visits a specific website—in this case, his bank’s secure website. Once the user attempts to log in, the malware activates and runs between the victim and the actual website. Often the malware will request that the victim enter his password or other security pass into an unauthorized field, in order to “train a new security system.” Once that happens, the attacker has full access to the account.

Luckily, the method is only a single-shot attack. That is, the attacker is only able to infiltrate the site once with the user-supplied pass code. But, once in, the attacker can hide records of money transfers, spoof balances and change payment details. “The man in the browser attack is a very focused, very specific, advanced threat, specifically focused against banking,” Daniel Brett, of malware testing lab S21sec, told the BBC.

Since this attack has shown that the two-factor system is no longer a viable defense, the banking industry may have to adopt more advanced fraud-detection methods similar to what secure credit cards. When compared to having your account silently drained, standing in line for the teller suddenly doesn’t seem like that much of a hassle. [BBC News via Technology Review]

Image: jamdesign / Shutterstock

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Tuesday, February 7th, 2012 news No Comments

Twitter Just Acquired A Huge Anti-Spam Startup

Source: http://www.businessinsider.com/twitter-dasient-2012-1


Dasient

Twitter has acquired security startup Dasient, a company that specializes in fighting spam and malware.

The Dasient team will be plugged into Twitter’s “revenue engineering” group as Twitter monetizes with self-serve ads, reports TechCrunch.

In terms of the size of the team this acquisition was a large one, said TechCrunch’s sources.

It could be a match made in heaven — the most likely scenario seems that Twitter wants to protect its self-serve ad product from being used as a vehicle for spam.

With Dasient being well-versed in anti-spam and anti-malware efforts, it could be just what Twitter needs to maintain the product.

Please follow SAI on Twitter and Facebook.

Join the conversation about this story »

See Also:




drag2share – drag and drop RSS news items on your email contacts to share (click SEE DEMO)

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Tuesday, January 24th, 2012 news No Comments

Cybercrooks Target Social Networks

Source: http://feeds.marketingcharts.com/~r/marketingcharts/~3/16mASWhC9kU/

Cybercriminals are turning their attention to users of social networks such as Facebook and Twitter, according to a new report [pdf] from IT security and data protection firm Sophos.

Spam, Malware Attacks on the Rise Sophos’ Security Threat Report: 2010 indicates criminals have increasingly focused attacks on social networking users in the past 12 months, with a […]<img src="http://feeds.feedburner.com/~r/marketingcharts/~4/16mASWhC9kU" height="1" width="1"/>

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Friday, February 5th, 2010 digital No Comments

Dr. Augustine Fou is Digital Consigliere to marketing executives, advising them on digital strategy and Unified Marketing(tm). Dr Fou has over 17 years of in-the-trenches, hands-on experience, which enables him to provide objective, in-depth assessments of their current marketing programs and recommendations for improving business impact and ROI using digital insights.

Augustine Fou portrait
http://twitter.com/acfou
Send Tips: tips@go-digital.net
Digital Strategy Consulting
Dr. Augustine Fou LinkedIn Bio
Digital Marketing Slideshares
The Grand Unified Theory of Marketing