A flaw was found in rizin. The create_section_from_phdr function allocates space for ELF section data by processing the headers. Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object’s callback function.
My latest book continues to sell well. Its ranking hovers between 1,500 and 2,000 on Amazon. It’s been spied in airports.
Reviews are consistently good. I have been enjoying giving podcast interviews. It all feels pretty good right now.
You can order a signed book from me here.
For those of you in New York, I’m giving at book talk at the Ford Foundation on Thursday, April 6. Admission is free, but you have to register.
WooCommerce, a popular plug-in for running WordPress-based online stores, contains a critical vulnerability that could allow attackers to take over websites. Technical details about the vulnerability have not been published yet, but the WooCommerce team released updates and attackers could reverse-engineer the patch.
“Although what we know at this time is limited, what we do know is that the vulnerability allows for unauthenticated administrative takeover of websites,” researchers from web security firm Sucuri said in a blog post. “Website administrators using this plugin are advised to issue the patch as soon as possible and check for any suspicious activity within their WordPress websites such as any administrative actions performed from unrecognized IP addresses.”
So, can Android phones get viruses and malware? The answer is yes, and likewise you can do several things to spot and remove them from your phone.
A couple things make Android phones attractive to cyber criminals and scammers. First, they make up about half of all smartphones in the U.S. and roughly 71% worldwide. Second, while its operating system gives users the flexibility to install apps from multiple apps markets, it also makes the operating system more vulnerable to tampering by bad actors. Also, Android has a more fragmented ecosystem with multiple device manufacturers and different versions of the operating system. As a result, each may have different security updates, and consistency will vary depending on the carrier or manufacturer, which can make Android phones more vulnerable to threats.
So, just like computers and laptops, Android phones are susceptible to attack. And when you consider how much of our lives we keep on our phones, the importance of protecting them can’t be overstated. Steps truly are called for. With a look at how viruses and malware end up on Androids, you’ll see that you have several ways of keeping you and your phone safe.
When it comes to viruses and malware on Android phones, malicious apps are often to blame. They’ll disguise themselves in many ways, such as utility apps, wallpaper apps, games, photo editors, and so on. Once installed, they’ll unleash their payload, which can take several forms:
Adware that floods your phone with pop-ups and clicker malware that simulates clicking on ads, which generates ad revenue for views and clicks on ads—and which can steal personal information as well.
Spyware that tracks your activity and can potentially harvest personal information like usernames and passwords.
Billing and subscription fraud, which uses several types of tricks to overcharge for services or subscribe to other services that you don’t want. In some cases, an app will offer a free trial and then charge excessive subscription fees after the trial ends.
Banking trojans that use sophisticated techniques to skim login credentials or hijack sessions, which then let bad actors steal money from your accounts.
CoinStealers and fake wallets can steal your crypto wallet credentials or seed and take control of the funds.
Ransomware and phone locker attacks, while less common, lock away personal info and files on the phone then demand payment for them to be released (payment being no guarantee that the hacker will actually unlock the phone).
Google Play does its part to keep its virtual shelves free of malware-laden apps with a thorough submission process as reported by Google and through its App Defense Alliance that shares intelligence across a network of partners, of which we’re a proud member. Further, users also have the option of running Play Protect to check apps for safety before they’re downloaded.
Yet, bad actors find ways to sneak malware into the store. Sometimes they upload an app that’s initially clean and then push the malware to users as part of an update. Other times, they’ll embed the malicious code so that it only triggers once it’s run in certain countries. They will also encrypt malicious code in the app that they submit, which can make it difficult for reviewers to sniff out.
Beyond Google Play, Android allows users to download apps from third-party app stores, which may or may not have a thorough app submission process in place. Moreover, some third-party app stores are actually fronts for organized cybercrime gangs, built specifically to distribute malware.
You might spot the signs rather quickly. Sometimes, you might not. Some malware can make your phone run poorly, which may indicate a technical issue, yet it can also be a symptom of a hacked phone. Others work quietly in the background without you knowing it. Either way, both cases provide good reasons to run regular scans on your phone.
Let’s look at some possible signs:
Malware has a way of taking up resources and eating up battery life as it furiously does its work in the background. For example, adware or clicker malware can hijack your phone and tap the central processing unit to run the complex calculations needed to mine cryptocurrencies like bitcoin, thus putting high stress on your device. In a way, it’s like having a second person using your phone at the same time as you are. This can make your phone hot to the touch, like it’s been sitting in the sun, because the stress malware puts on your phone could cause it to overheat.
Adware is annoying as it sounds, and potentially even more malicious in nature. If popup ads suddenly pepper your phone, it may be malware that distributes ads without your consent, which can generate revenue for rogue developers (they can get paid per view and per click). Worse yet, adware can also collect personal information and browsing history from your phone, which bad actors can then sell—a major invasion of your privacy.
A potential telltale sign that your phone has been compromised is the appearance of new apps that you didn’t download, along with spikes in data usage that you can’t account for. Likewise, if you see calls in your phone’s history that you didn’t make, that’s a warning as well.
Like an overdraft statement or seeing a suspicious charge your bank statement, this is a possible sign of malware installed on your device and is using it to perform subscriptions scam or premium SMS messages to unsolicited services.
Broadly, you can take two big steps toward keeping you and your phone safer from attack. The first is to keep a critical eye open as you use your phone. Malware authors rely on us to trust what we see a little too quickly, such as when it comes time to download that new app or tap on a link in a phishing email that looks legitimate, yet most certainly isn’t upon closer inspection. Slow down and scrutinize what you see. If something seems fishy, don’t tap or interact with it.
The second big step is to use online protection software on your Android phone. In addition to providing strong antivirus protection and removal, it has further features that protect you against identity theft, online scams, and other mobile threats—including credit card and bank fraud, malicious texts, sketchy links, and bogus QR codes.
With that, here are a few more steps you can take:
Update your phone’s operating system. Along with installing security software, keeping your phone’s operating system up to date can greatly improve your security. Updates can fix vulnerabilities that hackers rely on to pull off their malware-based attacks. It’s another tried and true method of keeping yourself safe—and for keeping your phone running great too.
Avoid third-party app stores. As mentioned above, Google Play has measures in place to review and vet apps to help ensure that they are safe and secure. Third-party sites may very well not, and they may intentionally host malicious apps as part of a front. Further, Google is quick to remove malicious apps from their store once discovered, making shopping there safer still.
Review apps carefully. Check out the developer—have they published several other apps with many downloads and good reviews? A legit app typically has quite a few reviews, whereas malicious apps may have only a handful of (phony) five-star reviews. Lastly, look for typos and poor grammar in both the app description and screenshots. They could be a sign that a hacker slapped the app together and quickly deployed it.
Go with a strong recommendation. Yet better than combing through user reviews yourself is getting a recommendation from a trusted source, like a well-known publication or from app store editors themselves. In this case, much of the vetting work has been done for you by an established reviewer. A quick online search like “best fitness apps” or “best apps for travelers” should turn up articles from legitimate sites that can suggest good options and describe them in detail before you download.
Keep an eye on app permissions. Another way hackers weasel their way into your device is by getting permissions to access things like your location, contacts, and photos—and they’ll use malicious apps to do it. If an app asks for way more than you bargained for, like a simple game wanting access to your camera or microphone, it may be a scam. Delete the app.
Scammers have put Android phones in their crosshairs. And for some time now. While phishing emails and smishing texts with sketchy links persists as avenues of attack, a popular form of attack comes by way of malicious app downloads. One reason why is that malicious apps disguise themselves so well, as a utility or game you really want on your phone. You’re more apt to tap “Install” when you’re actively shopping for an app than to tap on a link in an unsolicited email or text.
Yet as with so many of today’s online attacks, a combination of good sense and strong online protection software can prevent viruses and malware from ending up on your phone. Slowing down and putting preventative measures in place goes a long way toward keeping what’s arguably your most important device far more secure.
The post Spot and Remove Viruses from Your Android Phone appeared first on McAfee Blog.
Provides businesses with early warnings to evict threat actors before they can encrypt data
Rapid7 InsightVM suffers from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user’s password is changed by an administrator due to an otherwise unrelated credential leak, that user account’s current session is still valid after the password change, potentially allowing the attacker who originally compromised the credential to remain logged in and able to cause further damage. This vulnerability is mitigated by the use of the Platform Login feature. This issue is related to CVE-2019-5638.
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a denial of service (unbounded recursion) via a nested Netlink policy with a back reference.
The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website
The move reportedly did not stem from a compromise of GitHub systems or customer information
SaaS-based external attack surface management (EASM) company Cyberpion has rebranded as Ionix, at the same time adding a clutch of new cybersecurity capabilities to its namesake offering.
Designed to provide a “wider coverage and deeper focus” into its customers’ internet-facing assets and connected dependencies, the revamp of Ionix’s system will feature new abilities such as extending visibility into connected assets and shadow IT, and scoring risks based on possible blast radius.
