Latest

Adobe announce security vulnerability, should be fixed Nov 9

0
by 3 years ago
0

Adobe have recently announced that there is a security vulnerability in some of their software, including Flash for Android. In particular, Adobe Flash Player 10.1.95.2 and earlier versions. It is worth noting that Adobe is not currently aware of attacks targeting Flash, but our advice is to be safe and switch to on-demand plugins (Settings -> Enable Plug-ins -> On Demand). This vulnerability (CVE-2010-3654) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against Adobe Reader and Acrobat 9.x. Adobe…

Flash fix security hole and are set to release Adobe Air?

0
by 3 years ago
2

It’s a session of good news from Adobe right now. Not only have they fixed the security vulnerability effecting Android devices with Flash, but they may also be set to release a version of Adobe AIR for Android in the not too distant future. I am often asked what Adobe AIR actually is, in particular by gadget enthusiasts who are not super technical. Adobe AIR isn’t just a catchy name; AIR actually stands for something: Adobe Integrated Runtime (AIR). So, Adobe Integrated Runtime is an environment that allows one piece of code written on a Windows machine to run perfectly…

SMS Trojan app appears on Android devices

0
by 3 years ago
1

Kaspersky Lab, a firm specializing in security development, confirmed that it detected the first Trojan SMS app for Android smartphones.  The app, called Trojan-SMS.ANdroidOS.FakePlayer.a, is disguised as a media player and prompts users to install its 13KB .APK application file.  The Trojan is SMS-based and sends text messages to premium messaging service phone numbers that results in large phone bills.

‘Def Con’ Conference reveals Android vulnerabilities

0
by 3 years ago
0

At a recent software security conference called Def Con, Nicholas Percoco, head of Spider Labs, basically revealed how easy it is for an Android hacker to grab hold of your personal information, SMS, make calls and even grab your location. The whole thing allegedly took them two weeks to build. “There are people who are much more motivated to do these things than we are,” he added. The actual phones used in the demonstration of the attack took place on HTC Legend and Desire smartphones. Of course, the point is that it could be conducted on any Android phones. According…

Android application safety and security

0
by 4 years ago
1

Over the last few days there have been a number of blog posts and reports stating that ’20% of Android Applications threaten privacy’ or ‘pose a potential privacy threat’. These sensational headlines came about after SMobile Systems published a white paper stating that this was the case (having done research to prove it). What has subsequently become clear is that SMobile Systems’ President and Vice President of Operations are former AT&T employees. As you will know, AT&T have the iPhone and Android is a significant competitor. Furthermore, SMobile Systems sell software for Android which protects against security threats. Overall, there…

Vodafone Android Phone comes with Mariposa Malware

3
by 4 years ago
163

An article at Internet Storm Center published yesterday warns of  Malware on the HTC Hagic. Panda Security came across the infection when one of their employees baught a brand new Vodafone Android device and plugged it into their Windows based computer. Analysis of the malware revealed that it was a Mariposa bot client. In a blog post at Panda Security, researcher Pedro Bustamante said, “Here is yet another example of a company distributing malware to its userbase. Unfortunately it probably won’t be the last”. Bustamante noted that when a colleague/friend of his hooked up the Vodafone HTC Magic to her…

Motorola DROID unlock screen and Google account security flaw uncovered

Android-sorry-2
4
by 4 years ago

Uh oh, a security flaw that allows unauthorized access to a locked Motorola DROID has been discovered rather haphazardly by desperate folks who were locked out of their phone. After 20 incorrect tries at entering the proper unlock sequence, an Android handset will lock itself, requiring the user to enter their Google account information. Sounds nice and easy, except there is a bug in older Android phones – even when you enter the proper credentials, the phone remains locked. This desperate situation led people to try all sorts of procedures to access the phone and turn off or change the…

Symantec following Android closely

0
by 5 years ago
141

In an interesting piece at CNNMoney.com, Janice Chaffin (head of Symantec’s consumer-security software division) has speculated that the world’s largest security software maker could develop antivirus and antispyware software for Android. “Today we’re on Windows,” Chaffin said. “We’re going to evaluate things like [ Android] as it goes forward.” Obviously, a few boxes have to be ticked first, however. For example, Symantec are currently only “evaluating” whether to get involved and the outcome of this decision primarily rests upon whether there is a sufficient uptake of Android on more traditional laptop/computer-style devices. Naturally, if Android were to work its way…

T-Mobile UK G1 owners getting a security update for Cupcake?

0
by 5 years ago
173

We’ve been hearing buzz that T-Mobile UK has released another firmware update that addresses a security hole found in the recently released Android 1.5 “Cupcake” update for the T-Mobile G1. Phandroid.com has posted a list of user reports that appear to back that up. We have no other information at this time, but this certainly would help explain why T-Mobile USA chose to delay its own Cupcake update.

Android has Secrets

0
by 5 years ago
155

Over at Google Code a new application has shed its covert cover and made its way into the lime light. Secrets For Android is a new way to store and manage sensitive information such as password, social security numbers and, well, secrets. Apart from offering Android users all of the above, the application servers another function too; all of the source code is available on the Apache 2.0 licence, so you can examine the code yourself, or modify it to your needs. Specifically, the source code illustrates how “applications can perform file I/O, use the crypto APIs, and do some…