Category Archives: IT Security News

IT Security News

The new Android Android.HeHe Trojan;blocks incoming calls and SMS messages

App installs itselfGoogle’s Android Is consolidating its position as the most popular mobile operating system and primary attack target for malicious actors interested in compromising mobile devices.
“FireEye Labs has recently discovered six variants of a new Android threat that steals text messages and intercepts phone calls” (fireeye.com, 2014) called Android.HeHe”.

It is a Trojan horse for Android devices that blocks incoming calls and SMS messages from specific numbers and disguises as a genuine android security update also known as OS update. “It contacts the command-and-control (CnC) server to register itself then goes on to monitor incoming SMS messages.he CnC is expected to respond with a list of phone numbers that are of interest to the malware author. If one of these numbers sends an SMS or makes a call to an infected device, the malware intercepts the message or call, suppresses device notifications from the device, and removes any trace of the message or call from device logs.

Continue reading The new Android Android.HeHe Trojan;blocks incoming calls and SMS messages

Securing virtual servers

Every organization is going for virtualization. The main reason being cost cutting and to ensure maximum utilization of hardware resources. Virtualization has revolutionized the data centre and is one of the key foundational technologies underlying cloud computing. This has made Several companies rushing frantically into deploying virtualization solutions both in their private and public clouds, without taking into account the risks involved.  But when organizations are going virtualization, the technology has got its own inherent vulnerabilities.

Continue reading Securing virtual servers

Man in the Browser

Cyber crooks use this attack method to capture confidential information (password, security codes, credit card numbers etc.) that they can use to their advantage. And the online banking sector is specifically targeted.

Vulnerability

“While browsing around, you may come across a malicious site that may convince you to download some freeware. But what you don’t know is that along with the free stuff you can also download a virus or a malware” bullguard.com (2013).

It “infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application.” wikipedia.org, (2013) Continue reading Man in the Browser

Malware Threats Rise for Mobile Banking

mobile malwareLast year alone on Google’s mobile Android platform, Trend Micro detected 350,000 “malicious and high-risk” Android app samples, according to a report by the digital security firm. That’s an increase from the 1,000 samples it saw the previous year. Only 20% of Android device owners use a security app, the company has found. [http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-repeating-history.pdf] Continue reading Malware Threats Rise for Mobile Banking

The new banking trojan ‘KINS’

According to Security magazine http://www.scmagazine.com, there is a new banking Trojan being sold in the cyber-crime underground and could be poised to infect new victims as quickly and effectively as its Zeus, SpyEye and Citadel predecessors”( blogs.rsa.com). the malware is called KINS, the developer is “selling it for $5,000” (csoonline.com, July 24, 2013).

Banking trojan KINS
Banking trojan KINS

Continue reading The new banking trojan ‘KINS’

“THE BIG BROTHER” PRISM AND HOW IS BEING PROPAGATED IN ANDROID BASED DEVICES

Information security, cyber security and system auditor enthusiasts have been preoccupied on the China Hackers, Anonymous and Otherhacking groups. Was this a diversionary tactic by the big brother. He has been busy developing legislations to tighten cyber security, some of this legislation are against constitutional right of Right for privacy, Was it a conspiracy. Now we are taken of guard when the reality hits us about prism. Which is used to harvest data for security purposes.

Many of us have heard A new 0s on the block growing daily and bringing new company and internet experience, The Android. Android is a tree 0s developed by google and used in myriads of devices like the smartphones, computer tablets, Camera etc

The scary part of it is that when you are having a good time with Your family, friends lover S and business associates. The devices are secretly monitoring you and tending the info to be big bother Scary! are you scared? That the tip on the ice . you thought nobody is watching.This has been confirmed by google  “Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter. NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device. Eventually all new phones, tablets, televisions, cars, and other devices that rely on Android will include NSA code, agency spokeswoman Vanee’ Vines said in an e-mailed statement. NSA researcher Stephen Smalley, who works on the program, says, “Our goal is to raise the bar in the security of commodity mobile devices.”

“Vines wouldn’t say whether the agency’s work on Android and other software is part of or helps with Prism. “The source code is publicly available for anyone to use, and that includes the ability to review the code line by line,” she said in her statement. Most of the NSA’s suggested additions to the operating system can already be found buried in Google’s latest release—on newer devices including Sony’s Xperia Z, HTC’s One, and Samsung Electronics’ Galaxy S4. Although the features are not turned on by default, according to agency documentation, future versions will be. In May the Pentagon approved the use of smartphones and tablets that run Samsung’s mobile enterprise software, Knox, which also includes NSA programming, the company wrote in a June white paper. Sony, HTC, and Samsung declined to comment.

When you are taking a photo of your family. Making a business deal. Beware by brother is watching you!