Another set of malicious apps has made it into the official Android app store. ESET security systems as identified them as Android/TrojanDropper.Agent.BKY, these apps form a new family of multi-stage Android malware, legitimate-looking and with delayed onset of malicious activity. These malware samples all employ a multi-stage architecture and encryption to stay under the radar.After being downloaded and installed, these apps do not request any suspicious permissions and even mimic the activity the user expects them to exhibit.
Two of most recent samples of Android/TrojanDropper.Agent.BKY were caught downloading either MazarBot, a notorious banking trojan, or spyware.
Given its nature, this downloader can deliver any payload of the criminalsâ choice as long as it doesnât get flagged by the Google Protect mechanism.
British Intelligence service is reportedly worried that Kaspersky Antivirus offered by Barclays to its customers may be being used by Russian Intelligence agency to spy, according to The Financial Times. Intelligence officials fear that this might allow Russia to gather intelligence from the computers of Government employees members of the military who are customers of the Bank and have downloaded the software. FT said that "No evidence suggests that any data of Barclays customers have been compromised by use of Kaspersky software on their computers."
After years of litigation in two countries, a federal court in the US has weighed in on a thorny question: Does Google US have to obey a Canadian court order requiring Google to take down information around the world, ignoring contrary rules in other jurisdictions?
According to the Northern District of California, the answer is no. The case is Google v. Equustek, and it's part of a growing trend in which courts around the world order companies to take actions far beyond the borders those courts usually respect.
A security researcher has turned up new ways to silently hijack and infect Android devices via malicious Wi-Fi packets over the air. Scotty Bauer, a Linux kernel developer, described in detail how he found a bunch of exploitable programming blunders in the qcacld Wi-Fi driver that supports Qualcomm Atheros chipsets.
These chips and their associated driver are used in a number of Android phones, tablets, routers, and other gizmos, including some Pixel and Nexus 5 handhelds, for wireless networking.
Dubbed Estonia for being one of the world's most wired nations, the state issues electronic Identity cards giving citizens online access to virtually all public services at a special "egovernment" state portal.
A flaw in the Swiss-made chips used in the cards makes them vulnerable to malware.
The Prime Minister announced the decision to suspend security certificates for cards until their owners download an update to patch the flaw.
By blocking the certificates of the Identity cards at risk, the state is ensuring the safety of the ID card.
The Electronic Frontier Foundation has spent the week at the annual general meeting of ICANN, the global multi-stakeholder regulatory authority for Internet domain names and IP addresses.
The focus during this meeting is on speaking out against the increasing use of the domain name system as a mechanism for content censorship.
The EFF presentations were in the form of a short and simple message to ICANN, to the registries who operate its top-level domains, and the registrars who offer domains to the public: don't pick up the censor's pen.