Security

Tue
19
Nov
John Lister's picture

Man Jailed for Attacking Millions of Websites

A man who launched millions of separate attacks on websites has been jailed for 13 months for conspiracy to damage Internet-connected computers. Sergiy Usatyuk, who is 20, offered an attacks-for-hire service using Distributed Denial of Service ... (DDoS) tactics. A Denial Of Service attack is a crude but often effective technique that simply involves flooding a site with bogus "visits" until the web server becomes overloaded, which then causes the website to become inaccessible for ordinary users. It's roughly equivalent to tying up a company's switchboard with prank calls. The "distributed" ... (view more)

Tue
12
Nov
John Lister's picture

Google Play to Use Third Party Security to Scan Apps

Google is to use outside help to scan apps before they go into the Google Play store. It says the move is needed to cope with the continuing increase in the number of rogue Android apps. Just two weeks ago, 21 Android apps were reported to be rogue ... ; in early September, 24 apps were found to be rogue . The new "App Defense Alliance" involves Google working with three security companies, namely: ESET, Lookout and Zimperium. They all specialize in mobile security with a particular emphasis not just on spotting individual rogue apps, but on figuring out common characteristics and clues ... (view more)

Wed
30
Oct
John Lister's picture

New Malware Hides Inside Audio Files

Most people know not to open an executable file or document attached to an email unless they were expecting it. But a new example of malware means even an audio file could trigger a payload. Researchers at Blackberry Cylance Threat recently ... uncovered malicious code hidden inside WAV files. That's a computer format for audio that was common for music on PCs before MP3 became established. The attackers are using a technique called steganography, which is a way to hide a file inside another file in a way that normally cannot be detected. Steganography has previously been used in image files, and ... (view more)

Tue
29
Oct
John Lister's picture

21 Rogue Android Apps Need Removing

Security researchers have exposed more than 20 rogue Android apps that secretly load ads as part of a scam. The rogue apps perform their advertised tasks for cyber criminals, but also drain batteries and overheat phones in the process. It's another ... embarrassment for Google as all the apps were found in the official Google Play Store, which is designed to vet apps to reduce the chances of malicious activity. Remove These Rogue Android Apps Now Researchers at ESET antivirus say they found 42 apps have been part of an orchestrated campaign running since July last year. They were able to ... (view more)

Thu
24
Oct
John Lister's picture

Facebook Faces $35B in Facial Recognition Lawsuit

Facebook is set to face a $35 billion class action lawsuit over claims it used facial recognition tools without permission. The case will proceed despite Facebook's protest that no one suffered direct financial losses. The case is taking place in ... Illinois, where three individual lawsuits from 2015 were combined into a single class action case. It's based on Facebook using automated recognition on uploaded photographs. The way it works is like this: let's say that Bob uploads a photograph to Facebook, which also includes his friend Alice. After the upload is complete, Facebook scans the ... (view more)

Wed
23
Oct
John Lister's picture

Microsoft Unveils New 'Secured-core' PC Protection

Microsoft is working with PC makers to tackle malware that strikes before Windows is loaded into memory. It's adapting a technology currently used for the Xbox games console. The "Secured-core" initiative is designed to overcome a big limitation ... with most Windows security tools: they only work once Windows is already running. That doesn't tackle malware that targets the computer's firmware. This is software, usually called BIOS or UEFI, than runs immediately when a PC is switched on. Its main role is to check all the hardware is in place and connected, then load up the operating system such ... (view more)

Tue
22
Oct
John Lister's picture

Samsung Fingerprint Scanner Has Major Flaw

Samsung has issued a security fix after revelations of a major flaw in its fingerprint sensor. It affects users who have added a silicone screen protector. The fix came after a British woman contacted a newspaper to report that not only could she ... unlock her phone with the "wrong" fingerprint, but her husband could also unlock it with his finger. That's a major problem as she was using a Galaxy S10, a high-end Samsung phone that lets users set up fingerprint recognition not only to unlock the phone, but also to login to apps and even authorize mobile payments. (Source: bbc.co.uk ) Scan ... (view more)

Thu
17
Oct
John Lister's picture

New Windows Defender: Tamper Protection, Plus More

Microsoft is adding an extra layer of security to Windows 10: it's blocking malware from tampering with Windows Defender. That's a security tool that's available commercially to businesses but is also built in to Windows 10 without extra cost. ... Tamper Protection tackles a rather cheeky tactic used by some malware creators, namely having the malware access Windows Defender and switch off key features. The idea is to reduce the likelihood of malware being detected in action. The feature has been in testing since April, 2019 and is now ready for a public rollout. Naturally Microsoft is keeping ... (view more)

Mon
14
Oct
John Lister's picture

Android Malware Changes Own Icon to System Apps

Malware creators are using new tactics to avoid their malicious Android apps being exposed. The scam involves hiding and even disguising apps as legitimate ones once they've been installed. Fake Apps Receive Fake Praise It's a twist on a ... well-established scam in which malware is distributed through apps that appear to perform a basic function such as reading QR codes, or turning the camera flash into a flashlight. Thanks to a host of bogus rave-reviews in the Google Play store, the only way to spot something is amiss is that the apps will ask for specific access permissions that are clearly ... (view more)

Thu
10
Oct
John Lister's picture

New Malware Infects Legit Downloads On the Fly

A new piece of malware can intercept Internet traffic to spot people downloading legitimate installation files and replace them with "infected" copies. Security company Kaspersky went as far as calling it "impressive" from a technical, if not moral ... standpoint. Kaspersky has dubbed the malware "Reductor," after a term that appears in some of the code. It discovered the malware in April, 2019, so the fact it's only just going public suggests it took some serious analysis. (Source: securelist.com ) The malware's operation is exceedingly complicated, but one a machine is infected with ... (view more)

Pages

Subscribe to RSS - Security