Tag: android
-
WireX DDoS botnet takedown shows the best side of the security industry
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many people who really care about making the world a more secure place. We have seen many examples of researchers from competitor companies…
-
WireX DDoS botnet takedown shows the best side of the security industry
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many people who really care about making the world a more secure place. We have seen many examples of researchers from competitor companies…
-
VB2016 preview: Wild Android Collusions
Most research into and protection against malicious apps focuses on single apps. This makes it interesting for malware authors to use app ‘collusion’: the ability of two (or more) apps to perform an attack in collaboration. Such attacks have previously been demonstrated as proof-of-concepts but had not yet been found in the wild until earlier…
-
VB2016 preview: Wild Android Collusions
Most research into and protection against malicious apps focuses on single apps. This makes it interesting for malware authors to use app ‘collusion’: the ability of two (or more) apps to perform an attack in collaboration. Such attacks have previously been demonstrated as proof-of-concepts but had not yet been found in the wild until earlier…
-
Small Talks return to the Virus Bulletin Conference
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed “Small Talks”, these talks were longer than those on the regular programme and took place in a smaller room, which allowed for a more informal discussion. Various subjects were covered, ranging from targeted attacks…
-
Small Talks return to the Virus Bulletin Conference
VB2015 was the 25th Virus Bulletin conference and, to celebrate the occasion, we added a third stream to the programme. Dubbed “Small Talks”, these talks were longer than those on the regular programme and took place in a smaller room, which allowed for a more informal discussion. Various subjects were covered, ranging from targeted attacks…
-
VB2015 paper: Will Android Trojans, Worms or Rootkits Survive in SEAndroid and Containerization?
Google ‘s Android operating system may have a bit of a bad reputation when it comes to security, but it’s worth noting that recent versions of the operating system have been hardened a lot. In a paper presented at VB2015, Sophos researchers Rowland Yu and William Lee look at two recent security enhancements, Security Enhancements…
-
VB2015 video: Making a dent in Russian mobile banking phishing
Sebastian Porst explains what Google has done to protect users from phishing apps targeting Russian banks. In the last few years, mobile malware has evolved from a mostly theoretical threat to a very serious one that affects many users. Indeed, several talks at VB2015 dealt with various aspects of mobile security in general and that…
-
Stagefright vulnerability leaves 950 million Android devices vulnerable to remote code execution
The operating system has been patched, but it is unclear whether users will receive those patches. Researchers at mobile security firm Zimperium have discovered a remote code execution flaw in the Stagefright media library used on Android phones. The vulnerability allegedly means it could, for instance, take one MMS message for an attacker to run…
-
VB2014 paper: Leaving our ZIP undone: how to abuse ZIP to deliver malware apps
Gregory Panakkal explains that there are different ways of looking at APK files – and that sometimes that can have unintended consequences. Since the close of the VB2014 conference in Seattle in October, we have been sharing VB2014 conference papers as well as video recordings of the presentations. Today, we have added ‘Leaving our ZIP…