There's a worrying trend amongst businesses who haven't yet been through some kind of IT related security issue. It's human nature to think bad things only happ...
Beware the RedDrop Android malware
- Aldo Cutrer 0 Comments
Another found *in* the App Stores
Wandera are warning Android users to watch out for the RedDrop malware, which attempts to record audio, take photos, copy files etc, and even storing them on the users own Dropbox account ready to be used as extortion against the victim. It can do this, since it has full access to the account the apps of the victim's device has.
It also does the usual SMS premium service trick, and this, alongside a sophisticated network of back end hosting locations, leads analysts to believe this is a well-funded, determined hack which Wandera describe as "one of the most sophisticated" they have seen.
It's only just getting publicity, but Kaspersky has been aware of the threat since 2017.
To date, the victims are mainly in China, and the pattern is users searching adult content. However, dozens of innocent-looking apps which contain the malware have been identified - including many inside the the Sky Mobi Android app store.
Samsung smartphone explodes in man's pocket
- Brett Mozee 0 Comments
Suddenly heated up
A terrifying incident happened at the Hotel Ciputra on 30th September, 2017, when a Samsung smartphone suddenly caught fire in a mans shirt pocket.
Yuliant, a 47 year old hotel supervisor, was in the lobby when he suddenly felt a fierce burning sensation on his chest.
He dropped to the floor and a colleague scrambled to help him rip off his shirt.
He said he'd never had problems with his phone before.
The whole incident was captured on CCTV.
Samsung seemed to be over the exploding Note ordeal of 2016 - let's hope this isn't about to start all over again for them.
Silent 911 dialler much worse than previously thought
- Brett Mozee 0 Comments
No user intervention needed
In October 2016, an exploit for iOS was discovered which caused iPhones to repeatedly dial 911 without any intervention from the user at all.
In some places, this hit so hard that the 911 emergency call center in one area was classed as being in "immediate danger" of losing service, and two more were also at risk.
The investigation into these incidents is now complete, and the results show it was much more serious than it first appeared.
The count of the number of calls made was first determined to be in the low hundreds, but it has now been established the number is massively higher. A single tweeted link was clicked on a total of 117,502 times - each click causing a 911 call to be made.
New Malware for Android asks users to submit a selfie
- Brett Mozee 0 Comments
Acecard
Incredibly, new Android malware has been discovered which actually attempts to trick its victims into not only taking a selfie, but one of them holding a valid ID card such as a drivers license or passport. This is like the holy grail to id thieves, who are increasingly finding that government institutions, banks and other similar organisations such as utility companies are insisting on such proof before conducting business with their users.
Now let's be honest here, and a little discreet - it's only a "special" kind of user who's going to fall for such an obvious scam. We are, however, in the numbers game, and a tiny slice of a huge pie is still big enough to make it worthwhile for the bad guys.
Facebook and Twitter also use the "valid id" method to authenticate accounts which have had some kind of issue regarding security.
DualToy Trojan attacks both iPhones and Android devices
- William Damage 0 Comments
Sneaky
Over 8,000 different samples of a trojan being dubbed "DualToy" have been discovered in the wild after being initially identified in Jan 2015.
The unusual aspect to this malware is the mechanism it uses to hit it targets, which can be iOS or Android based.
The way it works is to first infect the Windows PC these devices are connected to via USB, then use the file transfer capabilities to deliver malware to the target, and it is capable of doing this to both Apple and Android devices. However, the good news is it is useless against those who keep everything up to date since it relies on weaknesses which were spotted and fixed several years ago.
Video shows Note 7 battery explode!
- William Damage 0 Comments
Samsung issues recall due to battery problems
Samsung's worst marketing nightmare came true this week when it had to issue a recall for its flagship Galaxy Note 7 smartphone.
Reports from the US and South Korea were coming in of the phone catching fire, or even exploding, during or soon after charging. They admitted the issues were fixed by replacing the battery but wanted to take no chances with customer safety issues.
The Note 7 was launched with great fanfare in 10 countries, but it was difficult to work out exactly which phones were affected because different companies supplied the batteries. Samsung said it would take two weeks to get new versions to customers, but urged them to return their current handsets as soon as possible.
iPhone Pegasus: "Worst iOS Smartphone Virus yet"
- Brett Mozee 0 Comments
Clicking just one link is all it takes
Apple has released a patch to bring iPhone and iPad users up to iOS 9.3.5 specifically to kill malware known as "Pegasus".
The worrying issue regarding this malware isn't just the fact Apple devices were supposed to be immune to this sort of attack. It's the fact the user can't even easily detect if they are infected or not. Even worse, it's extremely low-level hiding capabilities meant no amount of encryption can protect them.
The spyware hides at system level and can access data before it is passed to other apps such as WhatsApp, which encrypts the data after Pegasus has seen it in the clear.
The software was allegedly created by Israeli firm NSO to target a Middle Eastern human rights activist. It's developers also discovered three new security flaws unknown to Apple.
Stagefright hits the iPhone
- Carter Tweed 0 Comments
Uses the same attack vector as the Android version
The dreaded Stagefright vulnerability has now appeared in OSX and iOS, one year after it was first discovered on Android. Google has released dozens of patches throughout that time aimed at fixing it, the most recent being just this week.
The idea behind Stagefright, and the reason it is so hard to close down every variant, is that the target is the core multimedia handler present in the heart of the OS, which has by necessity special privileges in order to do its job of playing audio, video and showing images, etc.
Since the multimedia handler has to accept the media as data, the attacks arrive in the form of data which appears to be correctly formed, so that it gets to the handler in the first place, but in fact is specially crafted to carry just the right payload needed to trigger the attack.
Woah! Not so fast - Dodgy Pokémon Go copies can contain malware...
- Brett Mozee 0 Comments
Massive hit app attracts the bad guys
All of a sudden, Pokémon Go is everywhere! It's bigger than Tinder and about to topple Twitter in the number of daily users.
This is fantastic news for Nintendo, whos fortunes have been flagging recently and really needed the shot in the arm this game gave them. However, as with all things app-wise, with such a massive user base the malware guys suddenly get very interested too, and they have been quick to jump on the craze with a hacked version for Android found in the wild.
The APK discovered contained the "DroidJack" remote access tool (RAT) which enabled the attacker to gain complete control over their smartphone or tablet. It was first discovered by researchers at Proofpoint.
7 Ways to stay safe using free WiFi
- Carter Tweed 0 Comments
Digital hygiene
Free public WiFi can be a lifesaver. Your device can be out of the range of a mobile signal more often than you think, for example in underground stations or large buildings. Most tablet users don't even have a choice. Often you'll be alerted to a full-strength WiFi hotspot just itching for you to use it which claims to be "free".
Like anything in life, however, there is no such thing as a free lunch. "Free" anything usually wants something back in return and WiFi is no different. However, there is the risk of extra danger - not all hotspots are created equally.
Some of the dangers are not immediately obvious. Here we show 7 ways you can minimize the risks when using these free WiFi hotspots.