Rogue developers hiding Android malware in apps on Google Play

Respected security blogger Brian Krebs reports that an “explosion in Android malware” is being fuelled by a growing market for hijacked of rogue developer accounts on Google Play, Google’s official Android app store.

Twitter makes two factor the authentication process du jour

Following the examples of Google, Facebook, Yahoo and DropBox, Twitter is reportedly ready to roll out a two factor sign in process for its millions of users. This comes in light of February’s attack when some 250,000 passwords were stolen.

What do Win32/Redyms and TDL4 have in common?

At the beginning of January 2013, we started tracking the interesting Win32/Redyms trojan family. Redyms is notable for changing search results from popular search engines on infected machines.

How to keep your email clean and safe

Your email account can be used by cyber criminals to spread malware or attempt to steal personal details from you. Follow our tips for a safer email experience.  Create and use secure passwords As with all your online activity, you should always choose passwords that are hard to guess and to crack. This means long

The Dynamic Duo for Securing your Android: Common Sense and Security Software

On Thursday, September 12, Duo Security, a young-but-respected vendor of two-factor authentication devices, announced the preliminary results of a study of over 20,000 Android devices from a two month old study they performed. Based on the results, they calculated that over half of Android devices on the market have security vulnerabilities that are, as yet,

You've Got (Nation State Hacked) Mail

We read in the New York Times that Google is rolling out a service that will attempt to alert users when it thinks their accounts might be subject to hacking by a government, hoping the user will take precautions after getting a notice that says “Warning: We believe state-sponsored attackers may be attempting to compromise

Google's data mining bonanza and your privacy: an infographic

Do you use Google? These days the question sounds almost absurd. If you use the Internet, or an iPhone, or an Android phone, or a Kindle or an iPad, then of course you use Google in some shape or form. And if you take a keen interest in how your personal information is used, you

Windows Phone 8: Security Heaven or Hell?

Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with

Beware of SOPA Scams

Tomorrow, on January 18, 2012, dozens of popular websites covering a diverse range of subjects will be blacking out their home pages in protest of the U.S. Stop Online Piracy Act (SOPA).  Some of these websites are well-known, such as the English language web site for the encyclopedic Wikipedia and quirky news site Boing Boing,

SOPA bytes GoDaddy’s business, and it will hurt you too.

SOPA as currently constructed can never work as intended. I'm not going to get into the reasons we don't like it because of its oppressive implications or because it is against our first amendment rights nor for any other reason (there's been so much other commentary on those issues that it would be superfluous). I

Limpieza en el Android Market

En este último tiempo, debido al gran crecimiento y popularidad del sistema operativo Android, los creadores de malware han desarrollado muchas amenazas para esta plataforma. Muchas de estos códigos maliciosos se encuentran por lo general alojados en repositorios de aplicaciones no oficiales, pero eventualmente pueden filtrarse estas aplicaciones a los repositorios oficiales. Esta semana Google

La concientización ayuda a la seguridad

La seguridad informática es una temática que está teniendo una muy grande repercusión, más que nada en un equipo conectado a Internet, que es el foco principal de propagación de malware. Para esto se han generado distintas políticas de seguridad, como por ejemplo la navegación con el protocolo HTTPS, para navegar en sitios que contengan

Gaddafi and Search Poisoning: Think before clicking on search results

Scam artists and cyber-criminals welcomed today's news of the demise of Libyan leader Muammar Muhammad Abu Minyar al-Gaddafi (often referred to as simply Gaddafi or Gadhafi). Why? Because few events fuel Internet search activity as much as the death of a famous–or infamous–person, although celebrity weddings and divorces are also a big search driver. It's a

Google Eye Phish: Bait Me A Hook In The Morning

…I’ve been seeing quite a few scrawny, toothless piranha mailed from email addresses that are often spoofed but invariably dubious like google.phishing.team@a_latvian_mail_provider.com…

Malware De-Cloaked

… people have been asking me about Google’s interesting paper on Trends in Circumventing Web-Malware Detection…

The Price of Fame

…there are (over) 2,095,006,005 Internet users nowadays (due credit to www.internetworldstats.com). Inevitably, some of them are going to have the same name as real celebrities and fictional characters…

Cycbot: Ready to Ride

Although the “Ready to Ride” group originated in Russia it distributes Win32/Cycbot outside the borders of the Russian Federation. Going by the prices per installation the primary target of the group is the US.

Anti-Phishing Day

Too bad it doesn’t exist. I mean really exist. Here is how an anti-phishing day that is designed to be a highly effective educational deterrent to phishing would work. Google, Facebook, Hotmail, Yahoo, Twitter, Myspace, Banks, Online Gaming sites, such as World of WarCraft, and others would all send phishing emails to their users. Yes,

Seguridad por casualidad: Google no funcionará en navegadores desactualizados

El día de hoy, Google anunció en su blog para Latinoamérica, que Google Apps comenzará un nuevo plan para soportar solo navegadores modernos. Teniendo en cuenta la cantidad de ataques que aprovechan vulnerabilidades de software en los navegadores, se trata de una interesante iniciativa de seguridad. ¿Así es? Veamos, este es el anuncio específico de

Gmail Accounts Under Attack

Google posted information today about an attack against some Gmail account holders. In this case the attack appeared to be directed at government officials in the US and Korea, as well as Chinese political activists, journalists and military personnel. If you don’t fit in these categories it doesn’t mean you are not at risk, it

Follow us

Copyright © 2015 ESET, All Rights Reserved.