Company expels 20 advanced surveillance apps installed on ~100 devices. Dan Goodin – 7/27/2017 Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users’ e-mail, text messages, locations, voice calls, and other sensitive data. The apps, which made their way onto… Continue reading Stealthy Google Play apps recorded calls and stole e-mails and texts
Month: July 2017
Don’t want your SMSs stolen? Don’t download these Android apps
July 27, 2017 By Bill Brenner It’s normal for Android apps to download plugins. The main application might just be a “view folder” while plugins provide much of the functionality. It’s not so normal when one of those plugins tries to steal your SMS messages. SophosLabs has discovered two apps on Google… Continue reading Don’t want your SMSs stolen? Don’t download these Android apps
The state of ransomware among SMBs
July 27, 2017 by Wendy Zamora Full Article. Take a look at the best antivirus, anti-malware, anti-spy, etc. software Powered by WPeMatico
Google Takes Second Swing at OAuth Worm
By Ionut Arghire on July 26, 2017 Mitigations put in place by Google in May 2017 to help block phishing attacks such as the recent OAuth worm weren’t enough to completely mitigate the issue, as Google’s platform still allowed malicious OAuth clients to be submitted under deceiving names, Proofpoint security researchers say. The… Continue reading Google Takes Second Swing at OAuth Worm
Revealed: 779 cases of data misuse across 34 British police forces
Probe finds widespread abuse of cop IT systems by personnel By John Leyden 26 Jul 2017 A freedom-of-information request by Huntsman Security has discovered that UK police forces detected and investigated at least 779 cases of potential data misuse by personnel between January 2016 and April 2017. Despite the high number of… Continue reading Revealed: 779 cases of data misuse across 34 British police forces
Hacked Smart Fish Tank Exfiltrated Data to ‘Rare External Destination’
By Kevin Townsend on July 26, 2017 Insiders attached two Raspberry Pi devices to a corporate healthcare network to help divert staff to a phishing website to phish staff credentials. An internet-connected smart fish tank transferred 10GB of data to an adversary’s server in Finland. These are two of nine real-life examples presented… Continue reading Hacked Smart Fish Tank Exfiltrated Data to ‘Rare External Destination’
Code Execution Vulnerabilities Patched in FreeRDP
By Eduard Kovacs on July 26, 2017 Researchers at Cisco’s Talos security intelligence and research group have discovered several potentially serious vulnerabilities in FreeRDP. The tool’s developers patched the flaws on Monday with the release of an update. FreeRDP is an open-source implementation of Microsoft’s Remote Desktop Protocol (RDP). The software, which allows… Continue reading Code Execution Vulnerabilities Patched in FreeRDP
Windows SMB Zero Day to Be Disclosed During DEF CON
July 26, 2017 by Michael Mimoso LAS VEGAS—A 20-year-old Windows SMB vulnerability is expected to be disclosed Saturday during a talk at DEF CON. Microsoft has said it will not patch the vulnerability, which allows an attacker to remotely crash a Windows server with relative ease using only 20 lines of Python… Continue reading Windows SMB Zero Day to Be Disclosed During DEF CON
Turkish Android App Store 100% Flush with Malware
25th July 2017 By Tara Seals CepKutusu, a Turkish alternative Android app store, was found to be 100% infested with malware—where every single app delivered malicious code. Eset researchers discovered that when users browsed the store and proceeded to download an app, the “download now” button led to banking malware instead of the… Continue reading Turkish Android App Store 100% Flush with Malware
This ransomware lets crooks spot their victim on a map
Ransomware has always been sinister – now it’s creepy too. By Danny Palmer | July 25, 2017 This is a Philadelphia ransomware ransom note targeting a hospital — but users will see something similar on their own computers if they’re not careful. Image: Proofpoint As if ransomware wasn’t sinister enough, a simple… Continue reading This ransomware lets crooks spot their victim on a map