Collaborate Disseminate
ESET researchers say: ‘During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.’ OSX/Keydnap spreads via signed Transmission application
Continue reading OSX/Keydnap spread via Transmission app
Google: Helping users easily access content on mobile Takes two approaches, the latter maybe more security-related. One relates to the removal of the mobile-friendly label, since most sites now meet that criterion, so the removal is seen as reducing clutter. The other introduces measures to reduce the impact of intrusive pop-ups and standalone interstitials that obscure the […]
Continue reading Google: easier access to content on mobile
Davey Winder asks some interesting questions about AV-Test’s latest test of Android security apps. Is Android as easy to secure as the latest AV-TEST results appear to suggest? A number of people, including ESET’s Mark James, attempt to answer those questions, but unfortunately the article boils them down to soundbites. Maybe I’ll come back to this […]
Continue reading AV-Test on Android security apps
David Bisson for Graham Cluley’s blog on Marcher Trojan impersonating Android update: New firmware update? No, it’s the devious Marcher Android trojan up to no good – Android-based malware comes with new tricks, bells, and whistles. Based on ZScaler research: Android Marcher: Continuously Evolving Mobile Malware. Weird: the Cluley blog shows a toy soldier, where my first thought […]
Continue reading Marcher Trojan Impersonating Android Update
Apteligent report on ‘WHICH ANDROID MANUFACTURER PUSHES OS UPDATES THE FASTEST?’, Android device crash rates, device fragmentation… Commentary by John Leyden for The Register: Two-speed Android update risk: Mobes face months-long wait = We need to outpace malware-flingers, securo folk warn David Harley
Continue reading Apteligent Evaluating Android
Lengthy description/analysis of an interesting Android ransomware threat from McAfee: ‘Cat-Loving’ Mobile Ransomware Operates With Control Panel. I look forward to hearing commentary from Grumpy Cat. There is, however, no truth in rumours of a German language version known as BlackForestGato. (Also posted to AVIEN, where I maintain a ransomware resource page.) David Harley
Continue reading Android/Ransom.ElGato
Malware opens wire-wire fraudster’s door to security researchers Continue reading Wire-Wire Scam
I’ve added two stories to the AVIEN blog and resources pages touching on the link between support scams and ransomware. Ransomlock.AT: ransomware meets support scams Ivan Kwiatkowski on Scamming the Support Scammer In the second one, the link is rather more tenuous: it’s basically about how a support scammer was tricked into running ransomware on […]
Continue reading Support scams and ransomware
Paul Ducklin for Sophos: Apple rushes out iOS update, shuts out jailbreakers Continue reading Locking in iOS Jailbreakers
Links to commentary on Apple’s bounty programme Continue reading Apple’s Bug Bounty Programme