The latest data from Google on use of its Android mobile operating systems highlights the challenge facing the company, with just over 16% of Android users running Versions 4.1 or 4.2 – the latest versions of the OS, dubbed “Jelly Bean” more than six months after its release. In fact, fully 44% of Android users are still running the “Gingerbread” release – Versions 2.3.3 through 2.3.7, a two year-old version of the operating system that has known security vulnerabilities. This according to data released by Google on the Android developer blog. The operating system data was culled from Android devices that accessed Google Play, the company’s mobile application marketplace, during a 14 day period that ended on March 4. The diversity of the Android ecosystem is a byproduct of Google’s go-to-market strategy for the mobile OS. Unlike Apple, which controls both the hardware and software for its iPhones and iPads […]
Recent Posts
Evernote Denies Java Exploit Used In Hack
The online storage and productivity service Evernote said that it does not believe that the hack of its network that exposed information on 50 million users relied on an exploit of a Java vulnerability, as did recent attacks on Twitter and Facebook. In an e-mail response to questions from The Security Ledger about the hack, Ronda Scott, an Evernote spokeswoman, said that the firm does not believe that the hack used the Java exploit attributed to the other attacks, but said it was still investigating the incident. “It’s premature for us to comment on the methods used, the specific systems affected and/or origin and motivation,” she wrote. She said the company first became aware of the “unusual and potentially malicious” activity within its online service on February 28 and began notifying Evernote users of the need to reset their password the next day, March 1st. Scott maintained that Evernote hasn’t […]
EverNote Latest Site Hacked In Coordinated Attack
The online personal and business productivity service Evernote.com said on Saturday that it is the victim of a hack that exposed encrypted user password information, forcing password resets across a broad swath of the service’s 50 million registered users. The Redwood City, California-based firm revealed in a blog post that its internal security team discovered “suspicious activity on the Evernote network” that “appears to have been a coordinated attempt to access secure areas of the Evernote Service.” The company said it sent password reset messages to its users as a “precaution” but didn’t believe that stored information in users’ accounts or payment information had been exposed. The hack is just the latest of a prominent online firm. In recent weeks, Twitter, Facebook, Apple and Microsoft have all reported compromises of their internal networks. Those intrusions were linked to attacks aimed at developers and relied on exploits of previously unknown “zero day” […]
Craigslist Founder Has Twitter Account Hacked
Craig Newmark, the founder of the massively popular online bulletin board Craigslist, had his Twitter account compromised and used to distribute malicious links, according to a post on Thursday. Newmark, the 60 year-old software developer who launched Craigslist as an online information sharing site in the 1990s, posted three messages through his Twitter account late Thursday after he received messages from some of his 63,000 followers that they were receiving spam messages via Twitter Direct Messages. “Twitter account compromised? Just received this from you: “Have you seen this pic of you? lol,” wrote follower Tristan Justras (@tristanjutras). The post included a shortened link. Newmark’s first post, around 3:00pm Pacific Time Thursday, suggested he initially believed that the problems were due to his Twitter client. “Folks, thanks! I see the problem now, and I’m guessing it has to do with Twitter user tokens from other Twitter clients I’ve used,” Newmark wrote. […]
Malware’s Future Looks A Lot Like Its Present
SAN FRANCISCO – What does the future of malicious software look like? Depressingly like the present, according to a panel of leading experts. Phishing attacks, spam and even self-propagating worms will continue to plague technology users in the years ahead, just as they have for much of the last two decades, according to experts at the RSA Security Conference in San Francisco on Wednesday. However, the malware will operate across a far more crowded landscape of mobile devices, virtual machines, cloud-based computing resources and Internet connected “stuff” – complicating the job of securing sensitive information. The panel, “50 Minutes into the Future: Tomorrow’s Malware Threats” asked the experts to look into the crystal ball and predict what malicious software would look like in the near- and distant future. The answer was: much like it looks today. Dave Marcus, the director of security research and communications at McAfee Labs, said that the […]
