Hundreds of millions of Android devices based on Qualcomm chipsets are likely exposed to at least one of four critical vulnerabilities that allow non-privileged apps to take them over.The four flaws were presented by security researcher Adam Donenfeld from Check Point Software Technologies on Sunday at the DEF CON security conference in Las Vegas. They were reported to Qualcomm between February and April, and the chipset maker has since released fixes for the vulnerabilities after classifying them as high severity.Unfortunately, that doesn’t mean that all devices are yet protected. Due to the fragmentation of the Android ecosystem, many devices run older Android versions and no longer receive firmware updates, or they receive the fixes with months-long delays.To read this article in full or to leave a comment, please click here
Hundreds of millions of Android devices based on Qualcomm chipsets are likely exposed to at least one of four critical vulnerabilities that allow non-privileged apps to take them over.The four flaws were presented by security researcher Adam Donenfeld from Check Point Software Technologies on Sunday at the DEF CON security conference in Las Vegas. They were reported to Qualcomm between February and April, and the chipset maker has since released fixes for the vulnerabilities after classifying them as high severity.Unfortunately, that doesn’t mean that all devices are yet protected. Due to the fragmentation of the Android ecosystem, many devices run older Android versions and no longer receive firmware updates, or they receive the fixes with months-long delays.To read this article in full or to leave a comment, please click here
Some consumer safes protected with electronic locks are quite easy to hack using basic techniques. Others, though, like those made to store guns, are designed to resist expert manipulation.However, one hacker demonstrated at the DEF CON security conference Friday that even high-security rated electronic safe locks are susceptible to side-channel attacks typically used against cryptosystems.Side-channel attacks involve techniques like analyzing power fluctuations and variations in the time it takes operations to complete on an electronic device. By monitoring these values when the system checks the user's input against a stored value, attackers can incrementally recover encryption keys or, in the case of electronic safe locks, the correct access code.To read this article in full or to leave a comment, please click here
Some consumer safes protected with electronic locks are quite easy to hack using basic techniques. Others, though, like those made to store guns, are designed to resist expert manipulation.However, one hacker demonstrated at the DEF CON security conference Friday that even high-security rated electronic safe locks are susceptible to side-channel attacks typically used against cryptosystems.Side-channel attacks involve techniques like analyzing power fluctuations and variations in the time it takes operations to complete on an electronic device. By monitoring these values when the system checks the user's input against a stored value, attackers can incrementally recover encryption keys or, in the case of electronic safe locks, the correct access code.To read this article in full or to leave a comment, please click here
A new technique allows attackers to hide malicious code inside digitally signed files without breaking their signatures and then to load that code directly into the memory of another process.The attack method, developed by Tom Nipravsky, a researcher with cybersecurity firm Deep Instinct, might prove to be a valuable tool for criminals and espionage groups in the future, allowing them to get malware past antivirus scanners and other security products.The first part of Nipravsky's research, which was presented at the Black Hat security conference in Las Vegas this week, has to do with file steganography -- the practice of hiding data inside a legitimate file.To read this article in full or to leave a comment, please click here
After years of reluctance to pay researchers for exploits, Apple has given in and is ready to hand out up to US$200,000 for critical vulnerabilities found in the latest version of iOS and the newest iPhones.Apple announced the program Thursday at the Black Hat security conference in Las Vegas. It starts in September, and unlike bounty programs run by other large technology companies it will be invite only.The program will start with a few dozen researchers hand-picked by Apple, though any outsider who submits a flaw that qualifies can receive a reward and be invited to join the program, said Ivan Krstić, the head of Apple Security Engineering and Architecture.To read this article in full or to leave a comment, please click here
After years of reluctance to pay researchers for exploits, Apple has given in and is ready to hand out up to US$200,000 for critical vulnerabilities found in the latest version of iOS and the newest iPhones.Apple announced the program Thursday at the Black Hat security conference in Las Vegas. It starts in September, and unlike bounty programs run by other large technology companies it will be invite only.The program will start with a few dozen researchers hand-picked by Apple, though any outsider who submits a flaw that qualifies can receive a reward and be invited to join the program, said Ivan Krstić, the head of Apple Security Engineering and Architecture.To read this article in full or to leave a comment, please click here
After years of reluctance to pay researchers for exploits, Apple has given in and is ready to hand out up to US$200,000 for critical vulnerabilities found in the latest version of iOS and the newest iPhones.
Apple announced the program Thursday at the Black Hat security conference in Las Vegas. It starts in September, and unlike bounty programs run by other large technology companies it will be invite only.
The program will start with a few dozen researchers hand-picked by Apple, though any outsider who submits a flaw that qualifies can receive a reward and be invited to join the program, said Ivan Krstić, the head of Apple Security Engineering and Architecture.To read this article in full or to leave a comment, please click here
Many of the large payment card breaches that hit retail and hospitality businesses in recent years were the result of attackers infecting point-of-sale systems with memory-scraping malware. But there are easier ways to steal this sort of data, due to a lack of authentication and encryption between card readers and the POS payment applications.POS systems are specialized computers. They typically run Windows and have peripherals like keyboards, touch screens, barcode scanners and card readers with PIN pads. They also have specialized payment applications installed to handle transactions.One of the common methods used by attackers to steal payment card data from PoS systems is to infect them with malware, via stolen remote support credentials or other techniques. These malware programs are known as memory or RAM scrapers because they scan the system's memory for credit card data when it's processed by the payment application on the POS system.To read this article in full or to leave a comment, please click here
Many of the large payment card breaches that hit retail and hospitality businesses in recent years were the result of attackers infecting point-of-sale systems with memory-scraping malware. But there are easier ways to steal this sort of data, due to a lack of authentication and encryption between card readers and the POS payment applications.POS systems are specialized computers. They typically run Windows and have peripherals like keyboards, touch screens, barcode scanners and card readers with PIN pads. They also have specialized payment applications installed to handle transactions.One of the common methods used by attackers to steal payment card data from PoS systems is to infect them with malware, via stolen remote support credentials or other techniques. These malware programs are known as memory or RAM scrapers because they scan the system's memory for credit card data when it's processed by the payment application on the POS system.To read this article in full or to leave a comment, please click here
Millions of point-of-sale systems and hotel room locks can be hacked by temporarily placing a small, inexpensive device several inches away from their card readers.The device, due to be presented Sunday at the DEF CON conference in Las Vegas, is the creation of Weston Hecker, a senior security engineer at Rapid7. It was inspired by MagSpoof, another device created last year by security researcher Samy Kamkar.MagSpoof can trick most standard card readers to believe a certain card was swiped by generating a strong electromagnetic field that simulates the data stored on the card's magnetic stripe. Kamkar presented it as a way to replace all your cards with a single device, but Hecker took the idea and investigated what else could be done with it.To read this article in full or to leave a comment, please click here
Millions of point-of-sale systems and hotel room locks can be hacked by temporarily placing a small, inexpensive device several inches away from their card readers.The device, due to be presented Sunday at the DEF CON conference in Las Vegas, is the creation of Weston Hecker, a senior security engineer at Rapid7. It was inspired by MagSpoof, another device created last year by security researcher Samy Kamkar.MagSpoof can trick most standard card readers to believe a certain card was swiped by generating a strong electromagnetic field that simulates the data stored on the card's magnetic stripe. Kamkar presented it as a way to replace all your cards with a single device, but Hecker took the idea and investigated what else could be done with it.To read this article in full or to leave a comment, please click here
Over the past few months, cybercriminals have set up thousands of malicious domains and servers in Brazil in anticipation of the 2016 Olympics in Rio.Threat data collected by Fortinet from over 2 million sensors worldwide shows that between April and June, the number of malicious URLs detected in Brazil grew by 83 percent. That's an unusually large spike compared to the 16 percent growth in malicious URLs for the rest of the world.According to a Fortinet report due to be released Tuesday, the number of spoofed domains that are typically used in phishing attacks has also increased, particularly those that try to mimic payment systems and government institutions.To read this article in full or to leave a comment, please click here
Over the past few months, cybercriminals have set up thousands of malicious domains and servers in Brazil in anticipation of the 2016 Olympics in Rio.Threat data collected by Fortinet from over 2 million sensors worldwide shows that between April and June, the number of malicious URLs detected in Brazil grew by 83 percent. That's an unusually large spike compared to the 16 percent growth in malicious URLs for the rest of the world.According to a Fortinet report due to be released Tuesday, the number of spoofed domains that are typically used in phishing attacks has also increased, particularly those that try to mimic payment systems and government institutions.To read this article in full or to leave a comment, please click here
A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks.The Trojan app is called SpyNote and allows hackers to steal users' messages and contacts, listen in on their calls, record audio using the device's built-in microphone, control the device camera, make rogue calls and more.According to researchers from Palo Alto Networks, SpyNote does not require root access to a device, but does prompt users for a long list of permissions on installation. The Trojan can also update itself and install other rogue applications on the device.To read this article in full or to leave a comment, please click here
A new and potent Android Trojan has been leaked on several underground forums, making it available for free to less resourceful cybercriminals who are now likely to use it in attacks.The Trojan app is called SpyNote and allows hackers to steal users' messages and contacts, listen in on their calls, record audio using the device's built-in microphone, control the device camera, make rogue calls and more.According to researchers from Palo Alto Networks, SpyNote does not require root access to a device, but does prompt users for a long list of permissions on installation. The Trojan can also update itself and install other rogue applications on the device.To read this article in full or to leave a comment, please click here
Security researchers have shut down a large-scale malvertising operation that used sophisticated techniques to remain undetected for months and served exploits to millions of computers.The operation, dubbed AdGholas, has been running since at least October 2015. According to security vendor Proofpoint, the gang behind it managed to distribute malicious advertisements through more than 100 ad exchanges, attracting between 1 million and 5 million page hits per day.The Proofpoint researchers estimate that 10 to 20 percent of computers that loaded the rogue ads were redirected to servers hosting exploit kits -- web-based attack tools that attempt to silently exploit vulnerabilities in popular applications in order to install malware.To read this article in full or to leave a comment, please click here
Security researchers have shut down a large-scale malvertising operation that used sophisticated techniques to remain undetected for months and served exploits to millions of computers.The operation, dubbed AdGholas, has been running since at least October 2015. According to security vendor Proofpoint, the gang behind it managed to distribute malicious advertisements through more than 100 ad exchanges, attracting between 1 million and 5 million page hits per day.The Proofpoint researchers estimate that 10 to 20 percent of computers that loaded the rogue ads were redirected to servers hosting exploit kits -- web-based attack tools that attempt to silently exploit vulnerabilities in popular applications in order to install malware.To read this article in full or to leave a comment, please click here
Future versions of Android will be more resilient to exploits thanks to developers' efforts to integrate the latest Linux kernel defenses into the operating system.
Android's security model relies heavily on the Linux kernel that sits at its core. As such, Android developers have always been interested in adding new security features that are intended to prevent potentially malicious code from reaching the kernel, which is the most privileged area of the operating system.
One older example is Security Enhancements for Android (SEAndroid), a set of kernel add-ons and tools that make exploitation of certain vulnerabilities harder by enforcing access controls.To read this article in full or to leave a comment, please click here
Future versions of Android will be more resilient to exploits thanks to developers' efforts to integrate the latest Linux kernel defenses into the operating system.
Android's security model relies heavily on the Linux kernel that sits at its core. As such, Android developers have always been interested in adding new security features that are intended to prevent potentially malicious code from reaching the kernel, which is the most privileged area of the operating system.
One older example is Security Enhancements for Android (SEAndroid), a set of kernel add-ons and tools that make exploitation of certain vulnerabilities harder by enforcing access controls.To read this article in full or to leave a comment, please click here
Lucian Constantin