App Security – Page 3 – WindowsTechs.com

Hackers use fake contact tracing apps in attempt to install banking malware on Android phones

Posted on June 10, 2020 by Jeff Stone

Twelve applications posing as coronavirus contact tracing apps available outside mainstream marketplaces are designed to steal personal and financial information from unwitting Android users. Apps meant to impersonate official government tracing apps from countries including Italy, Russia and Singapore trigger malicious software capable of collecting a range of data from user’s devices, the threat intelligence firm Anomali found in research shared with CyberScoop prior to its publication. It’s the latest example of hackers and scammers exploiting global events to try stealing from anxious smartphone users who, in this case, would have believed they were downloading an app designed to measure the prevalence of COVID-19 in their community. None of the apps were included in the Google Play Store at press time. Anomali determined that apps were available on suspicious websites and in third-party app markets. Researchers were unable to determine how many people downloaded the suspicious apps, and the distinct […]

The post Hackers use fake contact tracing apps in attempt to install banking malware on Android phones appeared first on CyberScoop.

Continue reading Hackers use fake contact tracing apps in attempt to install banking malware on Android phones→

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

Posted on May 25, 2020 by Tara Seals

A lack of awareness about where and how open-source libraries are being used is problematic, researchers say. Continue reading 70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs→

Introducing Cloud App Isolation

Posted on May 19, 2020 by James Locus

Manage Shadow IT and Stop Data Loss Through Cloud Apps
Cloud Apps Are a Point of Attack
Protecting workers is a challenging task—for example, 29 percent of all attacks leverage legitimate cloud services to launch an attack. Once an attacker… Continue reading Introducing Cloud App Isolation→

Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’

Posted on April 2, 2020 by Shannon Vavra

Zoom’s founder says the company behind the popular videoconferencing app will spend the next 90 days focused on fixing security issues. In a blog post Thursday, Zoom founder Eric S. Yuan said the technology firm is enacting a “feature freeze,” in which employees will turn their attention from enhancing usability toward tightening data protection. The announcement comes as the number of daily Zoom users has skyrocketed to 200 million users in March, up from 10 million in December, as much of the world’s workforce moves to remote work amid the COVID-19 pandemic. The update from the San Jose-based company comes after the FBI issued a public warning about “Zoombombing,” in which white supremacists and other unauthorized outsiders have hijacked teleconferences. In some cases, internet trolls have disrupted online classes to shout profanities at teachers. Zoom also was hit with a class-action lawsuit in which users claimed the company was sharing […]

The post Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’ appeared first on CyberScoop.

Continue reading Zoom founder promises to remedy security, privacy concerns during a ‘feature freeze’→

Scammers tried using kids apps in the Google Play store to generate cash

Posted on March 24, 2020 by Jeff Stone

Fifty-six apps in Google’s Play store included malicious software that leveraged victims’ devices to click on mobile advertisements, artificially inflating the traffic to those ads and helping scammers make money. Research published Tuesday by the security firm Check Point Technologies details how fraudsters used the network of apps, which were downloaded more than 1 million times, to exploit users’ trust and make a buck. Unlike so many other ad fraud efforts, this campaign was tailored toward children, with 24 of the 56 apps marketed towards kids. Entertainment apps and games with titles like “Cooking Delicious” and “Let Me Go,” a puzzle app, tempted kids into downloading, and then launched the malicious tool. The apps included “Tekya,” a so-called clicker malware that clicked banners and other ads from a variety of sources. Along with kids’ apps, Tekya also came embedded in cooking, calculator, translation and other utility apps. Google removed all […]

The post Scammers tried using kids apps in the Google Play store to generate cash appeared first on CyberScoop.

Continue reading Scammers tried using kids apps in the Google Play store to generate cash→

One private equity firm sells Checkmarx to another for $1 billion

Posted on March 16, 2020 by Jeff Stone

The application security company Checkmarx is changing ownership again. The private equity firm Insight Partners said on Monday it will sell Checkmarx to Hellman & Friedman, another private equity company, at a valuation of $1.15 billion. Intsight has owned Checkmarx since June 2015, when investors injected $84 million into the Israeli company. Intsight will retain a significant minority stake in Checkmarx under the terms of the deal. “As cybersecurity threats continue to intensify, we strongly believe that embedding security early in the software development lifecycle is critical,” Tarim Wasim, a partner at Hellman & Friedman, said in a statement. “We look forward to building on Checkmarx’s tremendous success to date and supporting the company’s rapid growth in the years ahead.” Founded in 2006, Checkmarx says it mitigates enterprise security risk by helping developers find vulnerabilities, then fix them. The company is perhaps best known for discovering a number of bugs […]

The post One private equity firm sells Checkmarx to another for $1 billion appeared first on CyberScoop.

Continue reading One private equity firm sells Checkmarx to another for $1 billion→

A coronavirus-tracking app locked users’ phones and demanded $100

Posted on March 16, 2020 by Jeff Stone

You can always count on hackers to exploit a terrible situation to try to make a buck. A new Android app that promises to deliver up-to-date figures on the coronavirus pandemic includes a strain of malicious software that locks up a user’s phone and demands an extortion fee. The ransomware app, called CovidLock, threatens to erase everything on an infected phone if victims don’t pay $100 in bitcoin within 48 hours, according to the security firm DomainTools. The number of users affected remains unclear. The app is not available in the Google Play store, and was accessible on a standalone website. DomainTools has said it intends to release a decryption tool for affected victims, while Reddit users claim to already have deciphered the password to release locked data. The program only represents scammers’ latest attempt to use concerns around the COVID-19 virus to defraud anxious technology users. Scams, misinformation campaigns, attempted hacks […]

The post A coronavirus-tracking app locked users’ phones and demanded $100 appeared first on CyberScoop.

Continue reading A coronavirus-tracking app locked users’ phones and demanded $100→

When Stalkerware Stalks the Enterprise

Posted on December 3, 2019 by Mike Elgan

Stalkerware is a real problem that can lead to individuals being tracked and stalked via software on their smartphones. It’s also a growing and underappreciated threat to enterprises.

The post When Stalkerware Stalks the Enterprise appeared first on Security Intelligence.

Continue reading When Stalkerware Stalks the Enterprise→

FBI assesses Russian apps may be counterintelligence threat

Posted on December 2, 2019 by Shannon Vavra

All mobile apps developed by Russian entities may be counterintelligence threats to the United States, the FBI has assessed in a letter sent to the Senate’s minority leader. “The FBI considers any mobile application or similar product developed in Russia … to be a potential counterintelligence threat, based on the data the product collects, its privacy and terms of use policies, and the legal mechanisms available to the Government of Russia that permit access to data within Russia’s borders,” Jill Tyson, the assistant director for the FBI’s office of congressional affairs, wrote in a letter to Sen. Chuck Schumer, D-NY, that CyberScoop obtained. The bureau’s concerns about Russian counterintelligence operations come in response to an inquiry Schumer sent to the FBI this summer about whether Americans’ data on FaceApp was being provided to the Kremlin. The FBI has assessed that the Russian photo-aging app, which became a viral sensation earlier this […]

The post FBI assesses Russian apps may be counterintelligence threat appeared first on CyberScoop.

Continue reading FBI assesses Russian apps may be counterintelligence threat→

The Role of Evil Downloaders in the Android Mobile Malware Kill Chain

Posted on November 27, 2019 by Alon Patelsky

Malware on official mobile app stores is a growing concern for all users. Increasingly, malware developers are getting around sophisticated app store controls by using mobile malware downloaders.

The post The Role of Evil Downloaders in the Android Mobile Malware Kill Chain appeared first on Security Intelligence.

Continue reading The Role of Evil Downloaders in the Android Mobile Malware Kill Chain→