Android dev rejects rogue app claims, still highlights risks

Mobile app developer Jackeey Wu defended himself against claims of producing Android spyware apps today while also underscoring some of the risks of Google’s mobile OS. He noted that some of the permissions his Wallpapers allegedly requested, such as for the web browser history and SMS message records, aren’t in the actual app. As requesting private information automatically flags the app in Android Market before the install, it’s virtually impossible to collect such information in secret, Wu said. What few permissions Wu needs, such as basic phone access, are to help make features such as favorites work properly as a …

Commtouch to Acquire the Antivirus Division of Authentium

Commtouch today announced that it has signed a definitive Asset Purchase Agreement to acquire the assets, products, licenses, and operations of the Command antivirus division of Authentium, Inc., a Florida-based company. Command antivirus — which also includes technology to protect against spyware, Trojan downloaders, and other threats — is strongly synergetic with the rest of Commtouch’s product portfolio. With the addition of antivirus technology as a new, third product line, Commtouch will be offering a comprehensive set of solutions for inbound and outbound messaging and Web security to its customers, which are networking and security vendors and service providers. The …

New Tool Allows Websites To Keep Serving Pages After Infection

When Web pages are infected with malicious code, the current security practice is to block the entire page and warn users not to go there. But what if the infected page is on a legitimate site that needs that page up in order to do business? In a presentation here Wednesday, a Black Hat speaker proposed a new technology that strips out malware from infected Web pages, effectively allowing sites to continue to serve Web content even after a page has been infected. The new "mod_antimalware" Web server module, which is outlined in a white paper at Black Hat, is …

Government rules out upgrading from Internet Explorer 6

Government to persevere with browser despite high-profile vulnerabilities and advice from France and Germany

The government has ruled out scrapping the use of Internet Explorer 6 on department computers, saying it will persevere with the bullet-riddled browser despite its high-profile vulnerabilities. Responding to an online petition with more than 6,000 signatures urging government departments to upgrade away from IE6, the government said such a move would be "a very large operation" potentially at "significant potential cost to the taxpayer". "It is therefore more cost-effective in many cases to continue to use IE6 and rely on other measures, such as firewalls …

Free Android apps scrape personal data, send it to China

Millions have downloaded ‘suspicious’ wallpaper apps, says mobile security firm

Between one and four million users of Android phones have downloaded wallpaper apps that swipe personal data from the phone and transmit it to a Chinese-owned server, a mobile security firm said today. According to San Francisco-based Lookout, a large number of free wallpaper apps in the Android Market scrape the phone number; the user-specific subscriber identifier, also known as the IMSI (International Mobile Subscriber Identity); the phone’s SIM card’s serial number; and the currently-entered voicemail number from the phone. That information is then transmitted to a server that Internet …

Is Twitter Less Secure Than E-mail?

Barracuda Networks is out this week with new research attempting to quantify how much malicious activity occurs on Twitter. Barracuda defines the Twitter "crime rate" as the percentage of accounts created per month that are eventually suspended by the company. Barracuda presented its research here at the BSides event, down the Strip from the Black Hat security conference. In total, Barracuda looked at more than 25 million accounts and found that the crime rate for the first half of 2010 is only 1.67 percent. Barracuda saw the crime rate on Twitter fluctuate from month to month, peaking in October 2009 …

Google tops comparative review of malicious search results

According to a newly released report by Barracuda Labs, based on a two-month study reviewing more than 25,000 trending topics and 5.5 million search results, Google remains the most popular search engine used by malicious attackers, who rely on poisoned keywords. The company, which also sampled Yahoo Search, Bing, and Twitter, attributes Google’s leading position to the fact that Google remains the market share leader in online search, and consequently the most targeted search engine. Key highlights of the study: Overall, Google takes the crown for malware distribution – turning up more than twice the amount of malware as Bing, Twitter …

Happy bitchday from Facebook

From Graham Cluley’s Blog at Sophos: Yesterday my colleague Pablo Teijeira, who is based in our Madrid office, logged into Facebook as normal and was confronted with a rather unusual message in place of the usual reminder of whose birthday it was today: Rather than "Hoy es cumple de" ("Today is the birthday of") the Spanish language version of Facebook was saying "f*ck you bitches". Charming. Pablo dropped me a line, wondering if I knew if Facebook had been hacked or if there was some other sinister explanation. Well, the good news is that it wasn’t malware and it was …

Black Hat gets its video feed hacked

A security expert found a way to catch the talks at Black Hat for free, thanks to bugs in the video streaming service used by the security conference. Michael Coates, the head of Web security for Mozilla, said he discovered several problems while trying to sign up for the US$395 service. As he went through the sign-up procedure, he was "quickly sidetracked by a few oddities in the design," he wrote in a blog post describing the incident. He poked around a bit more and discovered that he could register an account without providing anything more than an e-mail address, …

QuickTime Player Allows Movie Files to Trigger Malware Download

QuickTime Player (version 7.6.6) allows movie files to trigger download of files, and cybercriminals are using this to download malware from malicious websites. Trend Micro Threat Research Engineer Benson Sy encountered two .MOV files (001 Dvdrip Salt.mov, salt dvdrpi [btjunkie][xtrancex].mov) that both used the name of the recent Angelina Jolie movie, Salt. They look suspicious enough because of their relatively small size compared to regular movie files. When the movie files are loaded into QuickTime Player, they don’t show any live action scenes but lead users to download malware pretending to be either an update codec or another player installation. It is …