Mobile Security - Infoworld en Russian SMS Trojan for Android hits U.S., dozens of other countries <p>An Android Trojan app that sends SMS messages to premium-rate numbers has expanded globally over the past year, racking up bills for users in over 60 countries including the U.S., malware researchers from Kaspersky Lab said.</p> <p>The malware program, which Kaspersky products detect as Trojan-SMS.AndroidOS.FakeInst.ef, dates back to February 2013 and was originally designed to operate in Russia.</p> Mobile Technology Security Android Anti-spyware Cyber Crime Mobile Security Malware Wed, 23 Apr 2014 19:50:23 +0000 admin 241093 at Coding error protects some Android apps from Heartbleed <p>Some Android apps thought to be vulnerable to the Heartbleed bug were spared because of a common coding error in the way they implemented their own native OpenSSL library.</p> <p>FireEye scanned 54,000 Android applications in Google's Play store on April 10 to see which ones are vulnerable to Heartbleed. The flaw, publicly disclosed on April 7, is contained in OpenSSL, a code library used to encrypt data traffic.</p> Mobile Technology Security Android Mobile Apps Mobile Security Vulnerability Assessment Wed, 23 Apr 2014 12:08:37 +0000 admin 241031 at Mysterious malware steals Apple credentials from jailbroken iOS devices <p>A malware campaign of yet-to-be-determined origin is infecting jailbroken iPhones and iPads to steal Apple account credentials from SSL encrypted traffic.</p> <p>The threat was discovered after some users <a href="" target="_blank">reported on Reddit</a> that they experienced crashes in some applications as a result of a mysterious MobileSubstrate add-on called Unflod.</p> Mobile Technology Security Anti-spyware iOS iPad iPhone Jailbreak Apps Mobile Security Malware Tue, 22 Apr 2014 12:33:26 +0000 admin 240954 at German researchers hack Galaxy S5 fingerprint login <p>It took just four days for German researchers to trick the Samsung Galaxy S5's fingerprint scanner into accepting a mold of a fingerprint instead of a real finger.</p> <p>Despite fingerprint authentication being one of the headline features on Samsung's new flagship model, the company's implementation of it "leaves much to be desired," SRLabs said in a video demonstration of the hack <a href="" target="_blank">posted on Youtube.</a></p> Mobile Technology Security Samsung Android Authentication Mobile Security Hacking Identity Management Smartphones Wed, 16 Apr 2014 13:53:02 +0000 admin 240603 at Google patches Android icon permissions attack <p>Google has issued a patch for an attack that could lead an Android user to a phishing site, according to security vendor FireEye. FireEye recently spotted an malicious Android application that could modify the icons of other applications so that when they're launched, they send victims to a phishing website.</p> <p>The malware is abusing a set of permissions known as "" and ""</p> Mobile Technology Security Google Android Mobile Security Malware Patch Management Phishing Tue, 15 Apr 2014 11:39:01 +0000 admin 240495 at Your no-fuss, fail-safe guide to protecting Android devices <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="" alt="Your no-fuss, fail-safe guide to protecting Android devices" width="243" height="182" align="right" /><br /><em><p align="right">Credit: Alexander Shirokov</p></em></div> Mobile Technology Security Android Mobile Security Mon, 14 Apr 2014 10:00:00 +0000 Galen Gruman 237650 at Google amps up fight against malicious apps with enhanced Android security <p>Google is boosting Android security safeguards to better detect potentially harmful apps throughout their life cycle.</p> <p>The security enhancement, announced Thursday, is designed to continually check Android devices to detect vulnerabilities in apps that could be introduced at any time. Previously, malicious apps downloaded outside of Google Play could only be flagged at the time of installation.</p> Mobile Technology Security Google Android Application Security Mobile Security Vulnerability Assessment Fri, 11 Apr 2014 11:27:11 +0000 admin 240283 at Review: 3 encryption tools protect sensitive data -- and more <p>Encryption is one of the best ways to prevent the type of terrible headaches that <a href="" target="_blank">many high-profile companies</a> have experienced with stolen data. Even if experienced hackers are able to penetrate a system, having the data encrypted can mean that nothing useful is taken.</p> Mobile Technology Security Encryption Mobile Security IDG Insider Tue, 01 Apr 2014 10:00:00 +0000 uphan 239520 at Smartphone kill-switch could save consumers $2.6 billion per year <p>Technology that remotely makes a stolen smartphone useless could save American consumers up to $2.6 billion per year if it is implemented widely and leads to a reduction in theft of phones, according to a new report.</p> <p>Law enforcement officials and politicians are pressuring cellular carriers to make such technology standard on all phones shipped in the U.S. in response to the increasing number of smartphone thefts. They believe the so-called "kill switch" would reduce the number of thefts if stolen phones were routinely locked so they became useless.</p> Mobile Technology Mobile Security Smartphones Mon, 31 Mar 2014 11:36:59 +0000 admin 239467 at HP makes printing easier, secure in BYOD environments <p>Using mobile devices for one-off printing tasks on office printers may not be a big deal, but Hewlett-Packard is trying to mitigate any security risk through direct wireless printing features it is bringing to enterprise printers.</p> Computer Hardware Hewlett-Packard (HP) Wi-Fi BYOD Printers Mobile Security Mon, 17 Mar 2014 15:15:24 +0000 admin 238474 at Xamarin works with Samsung to ease Knox development <p>Xamarin and Samsung Electronics have worked together to make it easier for developers to create apps that can run on Samsung's Knox security platform.</p> <p>Xamarin's platform lets developers use C# to build native applications for iOS, Android, Mac and Windows, and share on average 75 percent of the source code across the different operating systems, according to the company.</p> Application Development Mobile Technology Samsung Android Mobile Apps Mobile Development Mobile Security Mon, 17 Mar 2014 14:59:21 +0000 admin 238497 at Secusmart puts its BlackBerry encryption chip to work on the desktop <p>At around €2,000 ($2800) each, the secure smartphones that SecuSmart showed at Cebit last year were out of reach of many businesses -- although three governments have since bought them to secure mobile phone calls between senior officials, according to CEO Hans-Christoph Quelle. Now the company has developed a less expensive and more flexible system intended for the enterprise and has extended the reach of its mobile system to secure VOIP calls on desktop phones.</p> Computer Hardware Mobile Technology Security Authentication Mobile Apps Encryption Processors Mobile Security Fri, 14 Mar 2014 18:30:05 +0000 admin 238434 at Another security weakness found in iOS 7 <p>A researcher has discovered a weakness in iOS 7 that would enable an attacker to bypass a number of mechanisms Apple uses to prevent exploitation of the operating system's kernel.</p> <p>The problem stems from being able to brute force the random number generator, called the Early Random PRNG, to predict its outcomes. The generator is used by a number of important memory protections for iOS devices.</p> Mobile Technology Apple iOS Mobile Security Fri, 14 Mar 2014 14:25:37 +0000 admin 238415 at Some Samsung Galaxy devices contain a file access backdoor, Replicant developers say <p>The developers of Replicant, a mobile OS based on Android, claim to have found a backdoor vulnerability in a software component shipped with some Samsung Galaxy devices that potentially provides remote access to users' private files through the device modem.</p> <p>The problem is located in the proprietary library that handles communications between the Android OS and the firmware running on the modem chipset, also known as the baseband or radio processor.</p> Mobile Technology Security Android Authentication Mobile Security Vulnerability Assessment Thu, 13 Mar 2014 16:20:32 +0000 admin 238332 at Class action suit filed against Google over children's in-app purchases <p>Google is facing a lawsuit over unauthorized in-app purchases on Android devices by children.</p> <p>The class action suit is brought on behalf of all persons in the United States who paid for unauthorized purchases of game currency by their minor children through the Google Play app store. It was filed in the U.S. District Court for the Northern District of California, one of the law firms that filed the suit said Monday.</p> Application Development Mobile Technology Android Mobile Apps Mobile Security Mobile Tools Tue, 11 Mar 2014 11:52:43 +0000 admin 238149 at Researchers hope to secure development of mobile apps with faster code scans <p>Fraunhofer Institute researchers are working to speed up the scanning of mobile app code for security flaws, aiming to offer developers in a few milliseconds the kind of analysis that once required an all-night scan of code.</p> <p>In fact, the researchers are showing not one but three tools to evaluate or enhance the security of mobile apps at the Cebit trade show in Hanover, Germany, this week, the other two intended to detect flaws in already-deployed apps.</p> Application Development Mobile Technology Security Development Tools iOS Mobile Apps Mobile Development Mobile Security Mon, 10 Mar 2014 19:42:43 +0000 admin 238094 at Android malware detection boosted by university research <p>With smartphones and tablets increasingly at risk from malware, researchers from North Carolina State University have devised a new and potentially better way to detect it on Android devices.</p> <p>The tool they have developed, called PREC (Practical Root Exploit Containment), is trained to uncover aberrant code written in the C programming language, the language in which they say most malicious Android code is written.</p> Mobile Technology Security Android Mobile Security Security Fri, 07 Mar 2014 22:21:32 +0000 admin 237986 at New crimeware tool Dendroid makes it easier to create Android malware <p>A new commercial tool designed to allow cybercriminals to easily transform legitimate Android applications into malicious software has hit the underground market, paving the way for cheap and easy development of sophisticated Android malware.</p> <p>The toolkit is called Dendroid and can be used to create "trojanized" apps -- legitimate applications with malicious code added to them -- that connect back to a command-and-control server over HTTP and allow attackers to perform a variety of malicious actions on devices that have those apps installed.</p> Mobile Technology Security Android Mobile Apps Mobile Security Internet Privacy Malware Thu, 06 Mar 2014 20:28:23 +0000 admin 237860 at Android-based malware: the good, the bad, and the ugly <p>When it comes to mobile devices, it's well known that malware writers like to target Android. But a threat report published today by security firm F-Secure puts in perspective why Android malware attacks often flop and why Android itself is no pushover.</p> Mobile Technology Security Android Mobile Security Malware Wed, 05 Mar 2014 15:18:16 +0000 admin 237701 at Pre-installed malware turns up on new Android devices <p>David Jevans, CTO and founder of Marble Security, recently received some bad feedback from a potential customer testing his company's product, which helps organizations manage and secure their mobile devices.</p> <p>"They basically said 'Your stuff doesn't work'," Jevans said. "It thinks Netflix is malicious."</p> Mobile Technology Security Motorola Mobility Samsung Android Cyber Crime Mobile Security Malware Wed, 05 Mar 2014 12:52:35 +0000 admin 237700 at