News  General
USB Flash drive

Stop laughing at the back there...

Ever really thought about what USB devices are? Would it surprise you to learn they actually have all the elements of a full blown computer, together with memory, data transfer and an OS? When you connect one to your computer, smartphone or laptop, you are in fact granting it access to the innermost corners of your device - and if the bad guys have got to it first, they are in there as well.

USB devices identify themselves using firmware, that is software on the device itself to tell the kit it's connected to what it is (such as a keyboard, mouse or memory stick etc) and what it can do. The eagle-eye amongst you will have already spotted the key there being "firmware", which is the software onboard the USB device itself. Software which can be reprogrammed. That's right - a keyboard can be told to tell whatever it is being connected to it's a pair of bluetooth speakers, and the host would not know any different and blindly try to play audio through it. Even worse is the way the firmware can actually hide a bad payload completely - so any inspection doesn't show up anything untoward - until the time is right, when it can pounce and infect the host.

News  Android
ASM Security

Android security is broken and we think we can fix it

North Carolina State University and the German institution Technische Universitat Darmstadt have created a proposal to radically shake up and harden the Android security model. Termed ASM, for Android Security Modules, the proposal is aimed at creating a flexible kernel capable of embracing current and future security systems without compromising functionality. 

There is a downside, however, in that implementing it requires some serious changes to the core Android security model - not least of which is root access to the devices - and these may well prove to be too difficult to implement whilst retaining backward compatibility with the millions of Android Apps currently available. Once installed however, root access isn't required for Apps to take advantage of the system from then on. The hope is that users won't see any of all this disruption, however, as manufacturers are encouraged to bake it into their devices so it's onboard when they leave the factory.

News  Android
SandroRAT is Android malware disguised as a security app

Beware SandroRAT: Android malware disguised as a security App

A nasty Remote Access Tool (RAT) has been uncovered which goes by the name of SandroRAT.

Disguised in a supposedly legitimate email from various respected financial institutions, the malware starts out by (ironically) warning users malware has been detected on their phone.

Once infected, compromised devices can find their SMS messages, contacts, call logs and browser history is then stolen and reported back to the bad guys. It can even activate the devices microphone, store recordings on the SD card and upload them remotely later.


News  General
Facebook color changer malware

Facebook smartphone users warned

Users are being warned to avoid a new Facebook app claiming to allow them to change their profile page header and color. Victims are tricked into downloading the app which then directs them to a phishing website, which then takes advantage of a weakness in the way Facebook handles its app pages. More than 10,000 users have already been hit, experts from internet security firm Cheeta Mobile warned.

The app is called "Facebook color changer" and when activated allows the hackers full access to the victims Facebook contacts, profile and accounts. It is slightly unusual, and particularly sneaky, in that when first run it directs the users to a video supposedly showing how the color change function works. What the users don't realize, however, is that whilst watching this video, the hackers are actually rummaging through their Facebook account.