In-brief: A new and sophisticated ransomware family dubbed “Fessleak” is spreading in malicious advertising (or “malvertising”) campaigns by exploiting newly disclosed flaws in Adobe’s Flash technology.
fraud
BMW Fixes ConnectedDrive Flaw with Over the Air Patch
In-brief: German carmaker BMW used a ‘over the air’ wireless patch to close a security flaw that could have allowed hackers to unlock the doors of Rolls-Royce, Mini and BMW vehicles.
Malicious or Obnoxious? Chinese Mobile Vendor CoolPad Uses Secret Backdoors
CoolPad, an up-and-coming Chinese mobile phone maker, is shipping high-end, Android smart phones with so-called “back door” access built into the phone’s software. That, according to research by the firm Palo Alto Networks. Palo Alto researchers Claud Xiao and Ryan Olson released a report identifying the suspicious remote access software, which they dubbed “CoolReaper” on Wednesday. According to the report, the so-called “backdoor” program was shipped with stock operating systems (or ROMs) used by Coolpad’s “high end” phones in China and Taiwan. The software, which appears to have been created and managed by Coolpad, runs on top of the Android operating system and allows the company to remotely manage the phone independent of the wishes of its owner: pushing applications to the device without the user’s consent or notification, wiping data and applications, sending over-the-air (or OTA) updates to the phone, transmitting device data and sending arbitrary phone calls and SMS […]
Infographic: After A Year of Breaches, Are Retailers More Secure?
After a year in which some of the U.S.’s top retailers found themselves on the wrong side of sophisticated, cyber criminal hacking groups, you may be tempted to search for a silver lining. Maybe the up side of all the attacks on retail networks and point of sale systems is an improved security posture overall? After all: if your neighbors to the left and right have their house broken into, you may well beef up your locks and alarms, even if your house hasn’t been targeted. Or, at least, that’s how the thinking goes. But Boston-based BitSight took a look at how the retail sector is faring security-wise as 2014 draws to a close. BitSight is an interesting company. They market a kind of reputation monitoring service: assessing security posture for companies by observing how they look from the outside. Think of it as a kind of Experian or TransUnion for security. […]
A BlackBerry of Smart Glasses? Lenovo Courts Enterprise Wearables Market
The blog TechBitzz has an interesting write-up from Wednesday on electronics giant Lenovo’s partnership with a 35 person New York City based start-up, Vuzix to create an enterprise-ready equivalent to Google Glass. Vuzix was known as a maker of mounted video eyewear and launched its own smart glasses in December 2013. Earlier in 2014, the two companies struck a deal to have Lenovo sell Vuzix’s M100 as a co-brand. The glasses will run Google’s Android operating system – nothing new there. But what is different is Lenovo and Vuzix’ plans for marketing the device. Rather than target the (small) fan boy and early adopter consumer market, the two companies are focusing on business customers as a natural home for connected wearables like ‘smart’ glasses. Read more Security Ledger coverage of wearables here. Lenovo, it seems, is taking a decidedly less utopian view of wearables – seeing them as a natural replacement for its bulky laptops, […]
