Java

BadNews Android Applications

New Mobile Malware Taps Ad Networks To Spread

It was only a couple weeks back that we wrote about new research from the folks at WhiteHat Security that posited a way for mobile ad networks to be gamed and used to distribute malicious code. Now it looks as if the bad guys were one step ahead, as researchers at Palo Alto Networks reveal new type of malicious Android malware that uses mobile ad networks to infect vulnerable devices. Palo Alto described the new, malicious mobile software, dubbed “Dplug,” in a blog post on Monday. The company said the malware authors appear to be leveraging second tier mobile ad networks, mostly in Russia and the former Soviet Republics), to distribute their wares. The Dplug malware takes advantage of the deep integration between mobile applications and mobile advertising networks to gain a foothold on infected devices, then send out messages to premium SMS services to generate money for the fraudsters, according […]

Continue Reading
NEST Thermostat-BlackHat-scaled

Security Of “Things” Increasingly The Stuff Of Headlines

It looks as if the mainstream media is waking to the security implications of the “Internet of Things,” in the wake of recent demonstrations at the Black Hat and DEFCON conferences that highlight vulnerabilities in everything from home automation systems to automobiles to toilets. Stories in The New York Times and other major news outlets in the last week have highlighted concerns about “the cyber crime of things” as Christopher Mims, writing in The Atlantic, called it. Insecure, Internet connected devices ranging from surveillance cameras to home heating and cooling systems could leave consumers vulnerable to remote attacks and spying. The stories come after hacks to non-traditional computing platforms stole most of the headlines from this year’s Black Hat and DEFCON shows in Las Vegas. A compromise of a Toyota Prius hybrid by researchers Charlie Miller of Twitter and Chris Valasek of IOActive was featured prominently in stories by Forbes and […]

Continue Reading

Samsung Smart TV: Like A Web App Riddled With Vulnerabilities

Smart television sets aren’t short on cool features. Users can connect to Facebook and Twitter from the same screen that they’re using to watch Real Housewives of New Jersey, or log into Skype and use a built in- or external webcam to have a video chat. Unfortunately, the more TVs start to look like computers, the more they are becoming subject to the same underlying code vulnerabilities that have caused headaches and heartache in the PC space. That was the message of two researchers at the Black Hat Briefings security conference Thursday, who warned that one such product, Samsung’s SmartTV, was rife with vulnerabilities that could leave the devices vulnerable to remote attacks. Vulnerabilities in the underlying operating system and applications on Samsung SmartTVs could be used to steal sensitive information on the device owner, or even spy on the television’s surroundings using an integrated webcam, said Aaron Grattafiori and Josh […]

Continue Reading

Security Start-Up, University Team On Android Patch App

The saga of the application-signing flaw affecting Google’s Android mobile phones took another turn Tuesday when a Silicon Valley startup teamed with graduate students from Northeastern University in Boston to offer their own fix-it tool for hundreds of millions of Android phones that have been left without access to Google’s official patch. Duo Security announced the availability of an Android utility dubbed “ReKey” on Tuesday. The tool allows Droid users to patch the so-called “Master Key” vulnerability on Android devices, even in the absence of a security update from Android handset makers (OEMs) and carriers who distribute the phones, according to a post on the Duo Security blog. The tool can be downloaded from the site rekey.io. “ReKey is the latest of our research projects designed to make the Internet a safer place,” said Collin Mulliner, a postdoctoral researcher at NEU SecLab in a joint press release issued by NEU […]

Continue Reading

The History Of Programming Languages – And Their Popularity

Our friends over at Veracode posted a great little infograph this week that explains the history of computer programming languages, starting with software development’s forefather foremother, the lovely Ada Lovelace, who is credited with developing the first programming language, an algorithm for a mechanical computer dubbed the Analytic Engine in 1883! The graphic describes the history of modern programming languages, including COBOL, FORTRAN and LISP in the 1950s and 60s, up to today’s dominant languages: Java, C and Objective-C. Check it out! Infographic by Veracode Application Security

Continue Reading
1 2 3 4 5