malware

Yispecter iOS malware infects devices that aren’t jailbroken

Yispecter iOS malware infects devices that aren’t jailbroken

iOS malware is nothing new, but for the most part, if your device wasn't jailbroken you really didn’t have to worry about malware much. That has now changed with a new malware called Yispecter that has been discovered that attacks non-jailbroken iOS devices. The malware is the first seen that abuses private APIs in iOS to implement its malicious functionality.

Continue Reading

The fright ain’t over yet: Stagefright 2.0 goes for MP3s

The fright ain’t over yet: Stagefright 2.0 goes for MP3s

The nightmare might be over, but the scare continues ever so slightly. Security outfit Zimperium labs, who broke the news about the first Stagefright, are now back with some bad news. There is a Stagefright version 2.0. This time, the vulnerability comes from two vectors, one of them the same libstagefright responsible for the first security hole. And this time, it rides on MP3 audio as well as MP4 videos. Fortunately, thanks to the first Stagefright, implementing an exploit requires a bit more work but still possible.

Continue Reading

Apple advises users, developers on XcodeGhost scare

Apple advises users, developers on XcodeGhost scare

Sometimes it's Android and sometimes it's iOS, but both platforms has had their share of highly publicized security nightmares. This time, it's Apple's turn to take the heat, though partly through no fault of its own. The recent XcodeGhost malware that has affected dozens, possibly even hundreds, of iOS apps, mostly from China, has definitely worried not a few users. Now Cupertino is setting the record straight for users and guiding developers on how to make sure they won't become unwilling carriers of this security vulnerability.

Continue Reading

iPhone app malware attack: details you need to know

iPhone app malware attack: details you need to know

This morning Apple released a statement on a large-scale attack on their iOS App Store. Apple is in the process of cleaning up after the attack, having found a malicious program by the name of XcodeGhost earlier today. This is the first reported case of malware making its way into Apple's App Stores in any sort of large-scale manner. According to cyber security firm Palo Alto Networks, just five malicious software-containing apps had ever been found on the iOS App Store before.

Continue Reading

XcodeGhost malware gets past Apple App Store scrutiny [UPDATE]

XcodeGhost malware gets past Apple App Store scrutiny [UPDATE]

Apple's stringent and sometimes even heavy handed review rules for iOS apps have both been hailed and criticized alike, but its core benefit remains the same, very few malicious apps gets past quality control. However, it's not infallible, as five past iOS malware can attest to. Now a sixth joins that list, but with more far-reaching consequences. Dozens, if not hundreds, of App Store apps, specifically in China, might be infected by the XcodeGhost malware, and this time, the apps are otherwise legitimate ones and their developers unwitting accomplices. All thanks to an unofficial Xcode installer going around the Internet.

Continue Reading

PIN-changing Android ransomware spreading in the US

PIN-changing Android ransomware spreading in the US

Before you get all riled up, this isn't yet another Android vulnerability like Stagefright. This is your run of the mill malware installed through social engineering or carelessness, but one that has far graver ramifications than other ransomware. Discovered by researchers from security company ESET, the Android/Lockerpin.A ransomware goes the extra mile to actually change your device's PIN code in such a way that trying to reset the PIN will lock the user, and ironically the attacker too, from the device completely, with no recourse other than a factory reset.

Continue Reading

Stagefright exploit code now available to the public

Stagefright exploit code now available to the public

If you thought that the Stagefright nightmware was over, or at least on its way out, you might want to think again. More than two months since it went public with the severe Android vulnerability, mobile security outfit Zimperium is now also making public actual working code that exploits this security hole. This while Google, device manufacturers, and carriers are still scrambling to roll out patches to devices, some of which still remain exposed to this outbreak. Now they have more pressure to pick up the pace.

Continue Reading

“KeyRaider” iOS malware has stolen 225,00 Apple accounts

“KeyRaider” iOS malware has stolen 225,00 Apple accounts

It's not everyday that you hear about malware on iOS, so when the news does hit, it hits hard. And while there are mitigating factors that prevent this malware from being spread too far, it's effects could actually affect even innocent iPhone and iPad users. Nicknamed "KeyRaider", this new family of iOS malware has been able to harvest more than 200,000 valid Apple accounts. Their purpose? To be able to install apps from the App Store without paying a dime. Of course at the expense of those whose accounts have been compromised.

Continue Reading

Kaspersky tipped to be sabotaging rival anti-virus software

Kaspersky tipped to be sabotaging rival anti-virus software

Russian security company Kaspersky is one of the most trusted names when it comes to software protection but, while a recent hacking incident may have portrayed it as a victim, it might not actually be that innocent after all. Two former employees, who of course desires to remain anonymous, reveals that Kaspersky has been covertly working to undermine rival anti-virus software by flagging innocent and important system files as malware, causing these other AV programs to delete those files, turning unsuspecting users into collateral damage in their wake.

Continue Reading

Apple’s OS X 10.10.5 update patches DYLD security vulnerability

Apple’s OS X 10.10.5 update patches DYLD security vulnerability

Apple has released an OS X system update for Yosemite users, bringing the version up to 10.10.5. While the update addresses a number of small bugs, its primary focus is fixing the recently discussed DYLD privilege escalation security exploit. The vulnerability has the potential to allow malware to get root access to a Mac, which is why concerns were raised last week that Apple may not be issuing a fix until the release of OS X 10.11 El Capitan. Fortunately the company has followed through on its promise, releasing the patch right away.

Continue Reading

Nexus OTA updates for Stagefright appearing today

Nexus OTA updates for Stagefright appearing today

This morning OTA (over the air) updates for Android devices in Google's Nexus stable have begun to arrive for Stagefright. A vulnerability in the security bits of all Android devices was found earlier this month, a vulnerability in Stagefright that you really should get to know up close and personal. Google took action - as have many major manufacturers of smartphones - and updates are coming starting today.

Continue Reading

Grandma malware warning: smartphone app downloads of death

Grandma malware warning: smartphone app downloads of death

If you're reading this article, chances are you're the person in your family that does all the tech support. Today we've got a bit of a warning for you from the likes of a developer by the name of Rudis Muiznieks. This fellow bared his soul this week in an article all about how he used to work for a company that spammed desktop and mobile computer users with apps and data-harvesting software. It occurred to us that some readers might never have heard of one of this phantom company's methods, and should therefor be informed and warned.

Continue Reading

Prev 1 2 3 4 5 6 7 8 Next