Due to the appearance of a great amount of new extortion viruses, which like only Android devices, hackers have estimated a new way how to earn. Almost all malwares that spread are working on the same pattern: after the launch, Trojan locks the device and gets a message about money transfer to unlock. This is a very clear example of fraud.
Nevertheless this virus, found by Dr.Web experts, is more functional: except locking the device and message payment, he immediately puts a password on unlock screen using a simple system diagram. In addition, Trojan sends all kinds of messages that can lead to large financial losses.
Read moreSecurity researcher Will Dormann of the US Computer Emergency Response Team (CERT) has reported this week that over 350 apps from the Google Play and Amazon App stores have been compromised due to a flaw that fails to validate certificates over a secure socket layer.
The bug, which opens up many popular mobile applications such as the eBay mobile shopper and the Microsoft Tech Companion to fairly rudimentary man-in-the-middle attacks, has been tracked and logged by the CERT team for only about a week now. But instead of waiting the standard 45-days to silently communicate the problem to the affected companies in order to give them a chance to get out in front of the issue with appropriate patches.
Read moreSMS-virus attacks Ukrainian users‘ smartphones. Only devices, based on Android platform are under thread. Many owners of smartphones, Ukrainian mobile operators subscribers became victims of SM-virus. It attacks in such a way that all money is drawn from account, calls are locked, and thus a virus sends messages with the harmful program link to all contacts in the phone book.
Having received the message from known or unknown number, the subscriber follows the link and automatically catches Trojan. After installation, the virus sends information on the victim‘s device, such as IMEI, IMSI, owner‘s number, his location, the version of OS, the model of smartphone etc.
Read moreThe Bluebox Labs Company experts have published information about security vulnerability on Android platform which allows hackers to get access into functions of gadgets and to personal information without user‘s knowledge.
However many users are in danger as vulnerability was corrected only in the last Android version, but in other versions it still exists. After the Bluebox Labs Company found vulnerability, in English-speaking releases "hole" it was called "super vulnerability of new type", it is likely because of possibility to extend extremely malicious software. BlueBox experts called vulnerability Fake ID, because it allows malware apps to pass fake credentials to Android, which fails to properly verify the app's cryptographic signature.
Read moreBoffins get your mobe to spill the beans using Google text-to-speech kit. Researchers from the Chinese University of Hong Kong have developed bizarre malware that dictates contacts, emails and other sensitive text data in order to steal it.
In the novel attack a seemingly innocuous app that required no permissions called a bad guy's phone number and blabbered the stolen data out of the speakers and down the microphone using Google Voice Services (GVS). It affected 'nearly all' Android devices and could not be detected by VoicEmployer malware or victims, provided savvy hackers conducted the attack in the wee hours with the volume turned down.
Read moreThe problem of information security is very important in the world where mobile devices are popular. In order to determine the location of a person, an attacker needs only data that is transmitted by the phone.
Electronic Frontier Foundation Corporation has published a report about the presence of vulnerabilities in Android devices. This vulnerability enables an attacker to determine the movement route of the user on the basis of information about Wi-Fi networks connected by the user. The problem is in PNO function (Preferred Network Offload), which was first introduced in Android 3.1 Honeycomb.
Read moreBefore selling phone, we delete everything and use factory data reset that any smartphone has, but let’s take Android OS.
In fact everything is very easy, it is just necessary to press the button and all files are deleted, but it is true? AVAST engineers made an experiment in order to check whether personal user data could be recovered from phones. For this purpose the company purchased 20 used Android smartphones on eBay and then workers used widely available forensic software that can restore remote files. Results showed that factory data reset doesn’t guarantee full personal data removal.
Read moreSecurity researchers from MetaIntell have discovered security vulnerability in the new version of Facebook SDK that put millions of Facebook user's Authentication Tokens at risk.
With help of Facebook SDK for Android and iOS it is easy to integrate mobile apps with Facebook platform. The set of program tools gives creators a chance to simplify process of reading and writing to Facebook APIs and other. “Login as Facebook” function is a secure and personalized way for users to sign, because sharing passwords is not needed.
Read moreBoth mobile operating systems pose risks to the enterprise. A new report about mobile threats in 2014 from Marble Security maintains that neither iOS nor Android is inherently more secure than the other OS.
In spite of the level of protection in iOS is higher, than in Android, none of these platforms are absolutely safe. The risks to enterprises allowing employees to bring in their own devices, whether iOS or Android-based, are not that dissimilar. But iOS has its own advantages, for example, non-jailbroken iOS devices can only download apps from Apple’s App Store which is strictly checked on existence of malicious software by Apple.
Read moreBe among the first users of SafeUM! Participate in testing of the innovative secure messenger and become a part of developers professional team.
Make sure you share your comments and reviews in the social networks, using hashtag #SafeUM, as the most active participants will get PREMIUM subscription for a year! We are looking forward to your suggestions, comments and reviews about SafeUM. Become a tester here
Read moreAxarhöfði 14,
110 Reykjavik, Iceland