National Security Agency’s (NSA) SE Linux team, citing critical gaps in the security of Android , is building a Security Enhanced (SE) version of the publicly available source code for the Android project. This is a variant of the SE Linux project co-developed by NSA and RedHat, which gives (among other things) a more granular
Exactly how people will abuse digital technology for their own ends is difficult to predict, but organizations must plan ahead to protect data and systems. That's why we have been posting our "best guess" cybersecurity predictions on the Threat Blog this month. Today we present 9 of the most important predictions in the form of
I want share with you what ESET Latin America’s Research team thinks will be the main trends in malware and cybercrime in 2012. In our office it is usual to produce an analysis of emerging trends in a year-end report and so, in keeping with recent postings by my ESET colleagues, I present a summary
Android-specific software that checks for Carrier IQ could create an unanticipated problem.
Recently we see allegations that CarrierIQ is quietly collecting more information than Android users bargained for. In one case, Trevor Eckhart thinks he proved that they register users’ keystrokes without the users’ knowledge for reasons subject to ongoing speculation. We certainly had no trouble finding the CarrierIQ software on an HTC phone, where it possessed
One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,
Awhile back we mused that the rapid rise in Android malware would hit its stride near the intersection of widespread mobile financial transaction use, and the continuing steep rise in adoption of the platform. Now we see AT&T, T-Mobile and Verizon entering a joint venture to back a payment service for, guess what: Mobile financial
I have an Android in my pocket as I type, with all kinds of cool apps ranging from GPS navigation to acoustic guitar tuner (really cool) – and apparently I’m not alone. Users are scooping up the latest batch of Android smartphones in record numbers, and what better target can malware authors ask for? Well,
With the proliferation of the data we hold on our mobile devices, it’s no wonder Neil Daswani, CTO of Dasient, says around 8% of the apps they tested have been leaking data. In a similar vein, he states, “The number of malware samples on mobile devices has doubled in the past two years.” Google tends
The mobile devices of late have more compute power than the full desktop PC of yesteryear, and they fit it your pocket, great news for folks “on the go.” And since you’re so multi-tasked anyway, why not load it up with things to make your life easier, after all, it’s really a phone with a
Android Smartphones are under attack again by rogue applications that once installed are reading information from the phone and sending it back to a pre-assigned location. According to mobile security firm as many as 120,000 users may have been infected from a cafeteria selection of at least two dozen applications from the Android Market. “Once
There are reports coming out today about Google Android and how approximately 99.7% of its users are potentially open to compromise. This news cycle started by the Ulm University publishing some information on the 13th of May showing some results. I'm sure this story will develop and CTAC may follow-up to my blog with more details;
...35% of iPhone/Android users in the US interact with their smartphones before they get out of bed...
As I have blogged about the Android platform a recurring comment has been “When will ESET have protection for my Android?” Well, I still don’t know when it will be available for sale, but for those who understand the risks involved with running beta software, have backed up all of their data on their Adnroid
...all the relevant malware they've seen uses exploits that are restricted to Android OS 2.2 and below...
At a time when Gartner estimates that we'll have downloaded 17.7 billion + mobile apps worldwide by the end of this year, I couldn't help thinking that Android users are likelier to pay for lax screening in the Android Market than users who are protected by reasonably strict application whitelisting. Well, it looks like that concern had some justification. There are a spate of stories today about >50 applications pulled from the Android Market
A recent article at http://www.thinq.co.uk/2011/1/20/android-trojan-captures-credit-card-details/#ixzz1Bb8RGsWS describes how an attack against Android based phones might be able to capture your credit card information even when you speak it into the phone. The interesting thing about this proof of concept is not that the application can capture voice details, but rather that it uses a second application
The Lookout Mobile Security company is reporting a new trojan horse program that runs on Android based phones. The novel thing about this trojan is that it has enough functionality to allow the criminals to assemble an Android based botnet. This really should come as no surprise. The Android is not a phone with web
Sure, iPhones are a lot more stable than Androids, but there is one place that Android has it all over the iPhone… you get to know what resources an app can access before you install it. This capability, coupled with comments on apps can really help you make better decisions about what you install on
Back in the early 1990’s I had a 386 with 4 megabytes of RAM and a very large 80 megabyte hard drive. That little 386 could do something an Android phone cannot natively do. I could do a screen capture and save it to a file. I thought that for some of my blogs on