DecryptedTech

Tuesday16 August 2022

Displaying items by tag: Malware

Security, physical or data, is the type of job that never ends. There is no point that you can sit back and say “Ok, I am done”. Threats evolve existing protections are made obsolete by changing business requirements and, of course, the bad guys just keep getting smarter. This means that even if you protect from one attack, you have to bank on the knowledge that someone else will be behind that guy. In fact if you have followed the happenings of the collective Anonymous that is one of the things they say whenever any of their members are arrested.

Published in News
Data-Center

Big data is a big business these days. Having information about the billions of people on the planet (or more importantly the hundreds of Millions of consumers) is something that can make you money. These companies collect every bit of information about us and store if for retrieval. In many cases they are the core of background check services, credit check services and other forms of personal investigation that you have to go through in your life. For years they have been putting important information in what amounts to one big basket… with a large bullseye on it.

Published in News
knox

Starting back in the early 90s the news was full of articles predicting the “end of the PC era”. It seemed that every year there was another claim that the death bell for PCs could be heard. We heard that Linux would take over from Microsoft, Apple was going to replace the PC, you name it we heard it. One of the most persistent tales of PC death started after the iPad was launched. This is that the tablet and smartphone will soon replace our need to have a PC that we use for work. It inspired many companies to build cloud services to support a more mobile consumer.

Published in News
Wednesday, 21 August 2013 20:21

League of Legends accounts in danger

lol

On the pages of the popular MOBA title League of Legends warning appeared which states that the date of the players from the  North American servers are in danger. According to the statement, unknown perpetrators have come up with user names, e-mail address, masked passwords and some full names.

Published in News
Virus

One of the things that Apple has always held over Google’s head is the amount of malware that is present in the Google Play Store. It seems that each year the number and complexity of the malware uploaded to the Play Store grows. Much of this is because the Play Store is not as restrictive as the App Store. Apple’s walled garden has protected them from a storm of mobile malware for a long time… well there was that one attempt by Charlie Miller a while ago. Back then Miller used his developer account to submit an app that was actually malware. It got Miller banned from the Apple Developer club which made the news for a little while.

Published in News
Friday, 16 August 2013 17:58

Security omission in Google Cloud Messaging

gcm

Kaspersky Lab has announced that they have found a backdoor in the Google Cloud Messaging service that allows developers to directly communicate through their servers with applications installed on Android devices. Backdoor can be used by criminals to send text messages to premium numbers, as well as for theft of data from Android devices.

Published in News
tor

The news is all abuzz with the compromise of the Tor (Originally The Onion Router) Network. This network has been used by a wide variety of people who are looking for a degree of anonymity. It relies on the use of different entry and exit point to prevent someone from identifying your exact IP Address or MAC address. In-between these point there are different hops that further confuse the trail. In basic terms your system is masked by the exit point which is selected randomly by the system. Now in addition the anonymity services for individual users there are also servers that host websites and even anonymous email services. Some have called this the “dark net” or “deep web” although that is not actually the case (the dark net is something else entirely). Many of these sites are legitimate sites that need to protect their readers from less than understanding authorities, but there are a larger number that are not above board at all including many sites that host child pornography.

Published in News
top-10-computer-viruses-631

Remember how everyone was up in arms over the existence of a “Master Key” bug that existed in all versions of the Android operating system? Well it looks like someone has found a way to use the flaw to their advantage. Symantec has found two apps (available in China) that use the Master Key flaw to spread a new form of malware. To give a little background the original flaw was publicly disclosed by Bluebox security on the 3rd of July 2013. It was reported to Google in February 2013. The flaw allows a malicious individual (or group) to alter an application without affecting the apps cryptographic signature. This means that the app looks exactly like a legitimate app bypassing the security at the app store and the phone level.

Published in News
steve-jobs-think-what-we-say

Yesterday we reported on a breach in Apple’s developer portal. This breach appears to have happened over the course of about three days and resulted in Apple pulling the entire system offline for redesign. At the time of the article (which can be found here) no one had claimed responsibility Apple had not pointed the finger at anyone. Now it seems that a Turkish security researcher is claiming responsibility for the hack, but is saying that he was only looking for bugs in the system to show Apple that the portal was leaking user data.

Published in News
google-glass

As with many technologies there is a blind spot during the initial design and testing phase that happens. With SCADA devices this was the possibility that anyone would put them on the internet. These control devices were not built to be exposed like this and because the people that were using them did not follow best practices for protecting them we all know just how vulnerable our core infrastructure is. Even with devices like pacemakers that can be tuned using WiFi there was the failure of imagination that left them open to… well any one to connect to them. This failure of imagination seems to exist in almost any product as the designer continue to say, “no one will think of that”. Today we are seeing this happening to Google and their Google Glass project. It looks like they never thought someone would use QR Codes to infect the device.

Published in News
Page 11 of 17