Tag: keylogger

Flaw Leaves 900M Android Devices Vulnerable

Flaw Leaves 900M Android Devices Vulnerable

A security researcher claims to have uncovered a flaw in the Android security model that leaves almost all devices running the mobile operating system vulnerable to attacks and malicious software. Jeff Forristal, the Chief Technology Officer at Bluebox Security posted a description of the flaw on Wednesday. It affects Android devices running any version of the OS released in the past four years, starting with Version 1.6 (codename: “Donut” ) – a population of nearly 900 million devices. Discrepancies in how Android applications are cryptographically signed and then verified by Android allow a malicious attacker to modify the application package file (or APK) code without breaking the cryptographic signature. The implications of the flaw are huge. A malicious application installed on a vulnerable Android device could access any data stored on the device. For applications, such as mobile virtual private network (VPN), an attacker who could alter the application’s code or […]

Civilian use of UAVs is set to explode in the US and elsewhere, but are the devices prone to hacking? (Photo by Eivind Sennese)

Future Will Bring More Drones, More Drone Hacks

Unmanned Aerial Vehicles, or UAVs (aka “drones”) are evolving – and fast. Just within the last five years, drones have morphed from stealthy and secretive military gear used for hunting down terrorists in the hills of Afghanistan and Yemen, to widely available consumer technology. The “consumerization” of UAV technology has  created a lot of opportunities for Cool! – like this video of a UAV flying over (and almost in to) Niagra Falls. But it has also led to some problems. In March, a UAV “quadrcopter” came within a couple hundred feet of striking an Alitalia flight trying to land at JFK Airport in New York. More concerning: the FAA is set to license tens of thousands of drones for use over the U.S., many by law enforcement or private security firms. That has prompted warnings about a huge breach of privacy for U.S. citizens. But one security researcher warns that […]

Browser Plug-in Steals Facebook Logins, Pumps Spam For GM Cars

Browser Plug-in Steals Facebook Logins, Pumps Spam For GM Cars

Microsoft is warning users of Google’s Chrome and The Mozilla Foundation’s Firefox web browsers that a malicious browser extension for those platforms attempts to steal Facebook account login information after it is installed. The attacks have mostly occurred in Brazil, Microsoft, and have been linked to spam campaigns promoting GM cars, like the Chevy Celta, an ultracompact car produced by General Motors do Brasil, according to a post on Microsoft’s Technet web site. Microsoft identified the malware bundled with the browser extensions as Febipos.A, a malicious Trojan. After being installed, the Trojan waits for the user to log in to Facebook before it springs to life. Febipos downloads commands from a remote website that instruct it to carry out a wide range of actions through the active Facebook account, including wall posts, sharing and “liking” pages, commenting on other users’ posts and inviting Facebook friends to a group chat. You […]

The controversy over SSL-busting software on Lenovo laptops keeps getting bigger. Is this the end of SSL?

Update: Hack Investigation At Dept. of Labor Turns Up Internet Explorer 8 Zero Day Hole

A hack of the U.S. Department of Labor web site that was revealed late last week is being described as a “watering hole” style attack aimed at compromising the systems of other government workers, in part using an exploit for a previously unknown (or “zero day”) security vulnerability in some versions of Microsoft’s Internet Explorer web browser.(*) Multiple reports last week indicated that a security breach of the Department of Labor web site had occurred. Accounts indicated that visitors to the site using versions of Internet Explorer were being attacked using exploits for a known vulnerability. Over the weekend, however, researchers analyzing the attacks say that it used an exploit for a zero day hole in IE8, and that details of the attack tie it to a China-based hacking group known as “DeepPanda.” In a blog post on Friday, researchers at the security firm Invincea said that they believed that the […]

New Banking Trojan Hacks The FAQ To Fool Users

New Banking Trojan Hacks The FAQ To Fool Users

Cyber criminals are notoriously crafty and persistent, especially when it comes to defeating security measures created to thwart them. But a group behind a recent version of the Ramnit banking malware has raised their game to a new level: hacking the customer FAQ (frequently asked questions) document to make their malicious activity look like it was business-as-usual. A report on Tuesday by the security firm Trusteer finds that new variants of Ramnit targeting a UK bank  have added features to game a one-time-password (OTP) feature at the bank. Among other tricks, the Ramnit variant uses an HTML injection attack to alter the wording of the bank’s customer FAQ, making it seem as if prompts created by the malware were standard security features at the bank. The report, published on the Trusteer blog, described a complex ruse in which Ramnit lies dormant on infected machines, then springs to action once a […]