Security

Wed
01
Jul
John Lister's picture

25 Android Apps Steal Facebook Passwords

Google has removed 25 malicious Android apps which tried to steal user Facebook logins. As always, it's worth checking devices to see if these apps are installed, because they won't automatically uninstall from phones even being ousted from the Play ... Store. This particular batch of apps didn't have a common subject, but each promised to carry out a basic function, including: a flashlight, file cleaner, or card game. Hidden deep inside each app was malicious software that ran behind the scenes. The malware came alive each time an app was opened on the phone, specifically checking to see if the ... (view more)

Mon
22
Jun
John Lister's picture

SnapTube App Accused of Massive Subscription Fraud

An Android app with 40 million downloads has been linked to large-scale fraud against phone and tablet users. The "SnapTube" app reportedly tricks users with a free trial that leads to an expensive and unwanted subscription. The operators of the app ... say they were previously victims of illegal activity by an advertising partner but have now fixed the problem. SnapTube is a tool that was downloaded from the Google Play Store 40 million times before being removed. It was billed as a way to download videos from Facebook and YouTube, something that's not possible with those services own ... (view more)

Wed
17
Jun
John Lister's picture

31 Android Selfie / Photo Editors Are Actually Malware

Android users should check for 31 rogue beauty-related apps that Google has deleted from the Play Store, but could still be installed onto phones. They can unleash unwanted advertising and open web pages without permission. The apps all have ... different names, but largely offer filters to supposedly enhance self-portrait photographs. Suspicious Typos According to White Ops, which identified the apps, the full list is as follows. Note that many of the app names include apparent spelling and typographical errors: Beauty & Filters Camera Beauty Camera & Photo Editor Pro Beauty Camera ... (view more)

Tue
16
Jun
John Lister's picture

New Ransomware: Pay Up Or Files Go Public

A new form of ransomware named after a Marvel super villain has some particularly evil features. The Thanos malware uses an approach more reminiscent of "physical world" blackmail. Despite the name, the malware thankfully doesn't imitate the ... character Thanos by - spoiler alert - deleting half the files in the entire universe. That said, it's still quite scary thanks to a couple of features beyond the usual tactic of encrypting files and demanding a ransom. Instead, the ransomware also seeks to spread across an entire local network and encrypt all the computers it can reach. This is especially ... (view more)

Thu
11
Jun
John Lister's picture

Free Anti-Ransomware Tool is Actually a Scam

A security company has warned that a free tool claiming to remove ransomware is in fact ransomware itself. Sophos has also reported that businesses that pay ransoms end up with double the financial costs of those who don't. The company's Paul ... Ducklin examined a tool called "Decrypter DJVU". It's promoted as a way to undo the damage of a strain of ransomware that encrypts files, adds the extension ".djvu" to the name, and demands a payment to decrypt and restore access. (Source: sophos.com ) The tool asks users to type in a personal ID and a file extension, though it appears it doesn't take ... (view more)

Fri
05
Jun
John Lister's picture

'Sign in With Apple' Bug Allowed Unrestricted Access

Apple has paid $100,000 reward to a security researcher who discovered a simple but potentially damaging bug. Until it was fixed, the bug could have let hackers take over a user's account. The problem was with "Sign in with Apple" - a system that ... lets users sign up to websites via their Apple account rather than having to create specific login details for each site, or go through an email confirmation process it. As with similar systems from Facebook and Google, it only works on websites that support the "Sign in with Apple" feature. When the user visits the third-party site, it ... (view more)

Thu
04
Jun
John Lister's picture

Some Android Wallpapers Could Crash Phone

Background "wallpaper" can cause Android phones to crash thanks to a bug with the system. At the moment it appears to be an unfortunate glitch but it could be open to abuse. The image in question is viewable at twitter.com , and features a scene ... with a forest in the foreground, a lake in the midground, and mountains in the background beneath a cloudy sky at sunset. The problem is that once set as the default wallpaper, the image causes the phone to crash. The phone then goes into a loop of restarting and crashing, with the only solution being a factory reset. That's not only time consuming ... (view more)

Tue
26
May
John Lister's picture

Microsoft Warns of COVID-19 Email Malware Scam

Microsoft and Sophos have warned users to watch out for emails which claim to offer statistics about the COVID-19 pandemic. They actually harbor a combination of malware and legitimate tools that could easily be abused by a hacker. The emails in ... question have subject lines such as "Covid-19: [May 22] horrible Charts", claim to come from legitimate sources such as John Hopkins University, and have an attachment that's billed as a spreadsheet file with statistics about deaths and infections. (Source: twitter.com ) Malicious Macro The attachment does indeed have an Excel file, but the problem is ... (view more)

Tue
12
May
John Lister's picture

Thunderbolt Flaw Could Bypass Security, Encryption

A researcher has found a major bug with Thunderbolt port technology that could undermine major security measures on multiple computer systems. There's a big mitigating factor though: an attacker would need extended physical access to the computer in ... order to carry out the exploit. Thunderbolt is a technology that is similar in concept to USB, but adds fiber optic to the usual copper wires. Compared to USB, Thunderbolt has high speed and capacity. Common uses include super-fast device charging (including laptops), 4K video, and extremely quick data transfers. Originally Thunderbolt was only ... (view more)

Tue
28
Apr
John Lister's picture

Major Antivirus Flaw Deletes Files, Corrupts Windows

A security company says it found a simple way to turn antivirus software into a weapon for attackers. Most major manufacturers have now fixed the problem, but it's a reminder to keep such software updated. The discovery by Rack911 Labs effectively ... meant that a hacker could force the antivirus software to delete files on a computer. That would mean the hacker would need to have gained access to a computer first - whether internally on a network, or remotely using malware. The exploit is based on one of the most fundamental actions of any antivirus software: they scan files, check if they are a ... (view more)

Pages

Subscribe to RSS - Security