malware

Security researchers say a serious Android bug could let malware pose as a legitimate app and gain unwanted access to a phone's data and functions. The concept of the 'StrandHogg' bug has been known for several years, but now it's being actively ... exploited to target online banking. In simple terms, the bug has two unwanted effects: it can trick users into giving malware sensitive 'permissions' to access the phone, and it can hijack legitimate apps to trick users into handing over login details and sensitive information. Researchers at Promon explain the bug is with a security setting called ... (view more)

Google is to use outside help to scan apps before they go into the Google Play store. It says the move is needed to cope with the continuing increase in the number of rogue Android apps. Just two weeks ago, 21 Android apps were reported to be rogue ... ; in early September, 24 apps were found to be rogue . The new "App Defense Alliance" involves Google working with three security companies, namely: ESET, Lookout and Zimperium. They all specialize in mobile security with a particular emphasis not just on spotting individual rogue apps, but on figuring out common characteristics and clues ... (view more)

Google has taken yet another step to try to kill off Adobe Flash. The move will dramatically reduce the visibility of Flash content in its search results. Adobe Flash was once innovative and the primary way for delivering animated and interactive ... content online, including online-based browser games and even advertisements. Even so, many web designers seemed more interested in showing off their creativity with Flash rather than making a usable and useful site. Adobe Flash Security Bugs Severe As far back as 2010, Apple made the decision to ditch Flash entirely from its devices - a move that ... (view more)

Most people know not to open an executable file or document attached to an email unless they were expecting it. But a new example of malware means even an audio file could trigger a payload. Researchers at Blackberry Cylance Threat recently ... uncovered malicious code hidden inside WAV files. That's a computer format for audio that was common for music on PCs before MP3 became established. The attackers are using a technique called steganography, which is a way to hide a file inside another file in a way that normally cannot be detected. Steganography has previously been used in image files, and ... (view more)

Infopackets Reader Daniel B. writes: " Dear Dennis, I wanted to pass along this message to let your readers know of a new and incredibly convincing fake Norton email renewal scam involving Norton Antivirus and Lifelock. I received two emails today ... (from two different email addresses) with a special promotion to 'upgrade' my Norton Antivirus and Lifelock with an enticing 67% discount off the retail price. The emails are incredibly convincing, unless of course you are knowledgeable enough to realize it's a scam. If you click on a link to read more or to buy the product, it will lead you to a ... (view more)

Microsoft is working with PC makers to tackle malware that strikes before Windows is loaded into memory. It's adapting a technology currently used for the Xbox games console. The "Secured-core" initiative is designed to overcome a big limitation ... with most Windows security tools: they only work once Windows is already running. That doesn't tackle malware that targets the computer's firmware. This is software, usually called BIOS or UEFI, than runs immediately when a PC is switched on. Its main role is to check all the hardware is in place and connected, then load up the operating system such ... (view more)

Microsoft is adding an extra layer of security to Windows 10: it's blocking malware from tampering with Windows Defender. That's a security tool that's available commercially to businesses but is also built in to Windows 10 without extra cost. ... Tamper Protection tackles a rather cheeky tactic used by some malware creators, namely having the malware access Windows Defender and switch off key features. The idea is to reduce the likelihood of malware being detected in action. The feature has been in testing since April, 2019 and is now ready for a public rollout. Naturally Microsoft is keeping ... (view more)

Malware creators are using new tactics to avoid their malicious Android apps being exposed. The scam involves hiding and even disguising apps as legitimate ones once they've been installed. Fake Apps Receive Fake Praise It's a twist on a ... well-established scam in which malware is distributed through apps that appear to perform a basic function such as reading QR codes, or turning the camera flash into a flashlight. Thanks to a host of bogus rave-reviews in the Google Play store, the only way to spot something is amiss is that the apps will ask for specific access permissions that are clearly ... (view more)

Dear Infopackets Readers, For the past 5+ years I've been writing articles about fake tech support scammers based in India. In fact, I just published an article about "Expert4Help" scam last week. Here's how the scam works: While browsing the ... Internet, you may suddenly receive a full screen "virus warning". The warnings appear even when browsing legitimate websites (Amazon.com, for example). The warnings are often accompanied by a computer-generated voice, which says that the computer is infected and that you must call "Microsoft support" to "fix" the "problem". These warnings are meant to be ... (view more)

A new piece of malware can intercept Internet traffic to spot people downloading legitimate installation files and replace them with "infected" copies. Security company Kaspersky went as far as calling it "impressive" from a technical, if not moral ... standpoint. Kaspersky has dubbed the malware "Reductor," after a term that appears in some of the code. It discovered the malware in April, 2019, so the fact it's only just going public suggests it took some serious analysis. (Source: securelist.com ) The malware's operation is exceedingly complicated, but one a machine is infected with ... (view more)