Tag: Check | Page 7

Check your Android phone immediately and delete these popular apps now

December 4, 2022/in Mobile Security

Android phone users have been hit by yet another worrying warning that could leave personal details in the hands of hackers. Security experts at Synopsys Cybersecurity Research Center (CyRC) have discovered three popular applications that appear to have a serious flaw which could allow online crooks to gain full access to vital data such as user names and passwords.

The apps, which are all available via the Google Play Store, have been downloaded over two million times which is why this latest news is so serious.

All of the software included in the warning offers the ability to transform Android phones into remote keyboards or a mouse for PCs. It’s that handy functionally which is why the applications have proven to be so popular.

However, CyRC says its research has uncovered weak or missing authentication mechanisms and insecure communication vulnerabilities in all three of the apps. This means they could be easy to exploit with hackers then able to use the apps to eavesdrop on keystrokes and see exactly what people are inputting, such as passwords, on their PCs.

It’s a pretty scary flaw and here is the full list of apps affected

• Telepad versions 1.0.7 and prior

• PC Keyboard versions 30 and prior

• Lazy Mouse versions 2.0.1 and prior

Although the developers don’t appear to have meant to have released anything malicious the applications remain vulnerable even though they have been warned about the problems.

CyRC has confirmed that it has reached out to the creators of the apps multiple times but has not received a response.

It appears that all three of the applications remain widely used but they are neither maintained nor supported, and evidently, security was not a factor when these applications were developed.

If you think you have them on your Android phone and are worried but the lack of security, CyRC is recommending you remove them immediately.

Speaking about the threat, Synopsys Cybersecurity Research Center (CyRC) said: “We have exposed multiple vulnerabilities in three applications that enable an Android device to be used as a remote keyboard and mouse for their computers.

“Lazy…

Source…

Chrome fixes 8th zero-day of 2022 – check your version now – Naked Security

November 27, 2022/in Internet Security

Google has just patched Chrome’s eighth zero-day hole of the year so far.

Zero-days are bugs for which there were zero days you could have updated proactively…

…because cybercriminals not only found the bug first, but also figured out how to exploit it for nefarious purposes before a patch was prepared and published.

So, the quick version of this article is: go to Chrome’s Three-dot menu (⋮), choose Help > About Chrome, and check that you have version 107.0.5304.121 or later.

Uncovering zero-days

Two decades ago, zero-days often became widely known very quickly, typically for one (or both) of two reasons:

A self-spreading virus or worm was released to exploit the bug. This tended not only to draw attention to the security hole and how it was being abused, but also to ensure that self-contained, working copies of the malicious code were blasted far and wide for researchers to analyse.
A bug-hunter not motivated by making money released sample code and bragged about it. Paradoxically, perhaps, this simultaneously harmed security by handing a “free gift” to cybercriminals to use in attacks right away, and helped security by attracting researchers and vendors to fix it, or come up with a workaround, quickly.

These days, the zero-day game is rather different, because contemporary defences tend to make software vulnerabilities harder to exploit.

Today’s defensive layers include: additional protections built into operating systems themselves; safer software development tools; more secure programming languages and coding styles; and more powerful cyberthreat prevention tools.

In the early 2000s, for instance – the era of super-fast-spreading viruses such as Code Red and SQL Slammer – almost any stack buffer overflow, and many if not most heap buffer overflows, could be turned from theoretical vulnerabilities into practicable exploits in quick order.

In other words, finding exploits and “dropping” 0-days was sometimes almost as simple as finding the underlying bug in the first place.

And with many users running with Administrator privileges all the time, both at work and at home, attackers rarely needed to find ways to chain exploits together to take…

Source…

Check your kid’s browser for this Roblox malware

November 23, 2022/in Computer Security

The latest high-profile heist of valuable digital currency has nothing to do with Bitcoin or Ethereum. Nope, this time thieves are stealing currency and assets from Roblox players. Roblox is a massively popular kid’s game platform that has a disturbing amount of real money trading hands, and it’s become the target of a series of Chrome extensions hiding malware.

According to BleepingComputer, at least two extensions posted to the official Chrome Web Store were fronts for a backdoor program that gathers a Roblox player’s user info and potentially makes them a target for hacking, especially if they’re also a user of the third-party Rolimons.com currency trading system.

The “SearchBlox” extensions claim to allow you to search quickly for other users, and were apparently legitimate at some point, but have been compromised within the last month. While one of the extensions has been downloaded less than a thousand times, the other has more than 200,000 installations. There’s circumstantial evidence that one or more people are stealing Roblox currency with the data gathered by the hidden backdoor.

At the time of writing, both “SearchBlox” extensions are still live in the Chrome Web Store, with the primary listing enjoying a “Featured” badge. This, despite the fact that Google culled similar compromised extensions just last month.

As always, be wary of third-party browser extensions, and check their updates to make sure they haven’t been “injected” with unnecessary or malicious code. And on a bit of a tangent, if you’re letting your children play Roblox, you might want to take a closer look at its monetization and labor issues — Minecraft might be a better kid-friendly choice.

Source…

SASE Reality Check: Security and SD-WAN Integration Journey

November 1, 2022/in Internet Security

By: Nav Chander, Head of Service Provider SD-WAN/SASE Product Marketing at Aruba, a Hewlett Packard Enterprise company.

Today, enterprise IT leaders are facing the reality that a hybrid work environment is the new normal as we transition from a post-pandemic world. This has meant updating cloud, networking, and security infrastructure to adapt to the new realities of hybrid work and a world where employees will need to connect to and access business applications from anywhere and from any device, in a secure manner. In fact, most applications are now cloud-hosted, presenting additional IT challenges to ensure a high-quality end-user experience for the remote worker, home office worker, or branch office.

Network security policies that are based on the legacy data-center environment where applications are backhauled to the data center affect application performance and user experience negatively within a cloud-first environment. These policies also don’t function end-to-end in an environment where there are BYOD or IoT devices. When networking and network security requirements are managed by separate IT teams independently and in parallel, do you achieve the best architecture for digital transformation?

So, does implementing a SASE architecture based on a single vendor solve all of these challenges?

SASE, in itself, is not its own technology or service: the term describes a suite of services that combine advanced SD-WAN with Security Service Edge (SSE) to connect and protect the company from web-based attacks and unauthorized access to the network and applications. By integrating SD-WAN and cloud security into a common framework, SASE implementations can both improve network performance and reduce security risks. But, because SASE is a collection of capabilities, organizations need to have a good understanding of which components they require to best fit their needs.

A key component of a SASE framework is SD-WAN. Because of SD-WAN’s rapid adoption to support direct internet access, organizations can leverage existing products to serve as a foundation for their SASE implementations. This would be true for both do-it-yourself as well as managed services…

Source…

Tag Archive for: Check

Uncovering zero-days