Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2014
    S M T W T F S
    « Jun    
     12345
    6789101112
    13141516171819
    20212223242526
    2728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Mobile’ Category




    The first quarter of the year saw cybercrime hit targets that may not have been considered worthwhile in previous quarters. Multiple Bitcoin exchanges found themselves the victims of various attacks and were forced to close shop. The most high-profile victim Mt. Gox, which had been, at one time, the leading Bitcoin exchange in the world. Exchanges were not the only target. With more than 12 million Bitcoins in existence - with a value of 6-8 billion US dollars - it ...




    We've recently found a vulnerability in certain Android apps that may leave user data at risk of being captured or being used to launch attacks. The two affected apps we investigated are both highly popular: The productivity app has at least 10M installs and hundred thousands of customer reviews based on their download page The shopping-related app has at least 1M installs and several thousand customer reviews based on their download page This issue lies in a certain Android component which basically executes ...




    In an earlier blog post, we mentioned that mobile apps are also affected by the Heartbleed vulnerability. This is because mobile apps may connect to servers affected by the bug. However, it appears that mobile apps themselves could be vulnerable because of a bundled OpenSSL library. OpenSSL Library Present in Android 4.1.1 and Certain Mobile Apps We have information that although the buggy OpenSSL is integrated with the Android system, only the Android 4.1.1 version is affected by Heartbleed vulnerability. For devices with that ...




    The severity of the Heartbleed bug has led countless websites and servers scrambling to address the issue. And with good reason—a test conducted on Github showed that more than 600 of the top 10,000 sites (based on Alexa rankings) were vulnerable. At the time of the scanning, some of the affected sites included Yahoo, Flickr, OKCupid, Rolling Stone, and Ars Technica. All the extended coverage of the flaw begs the question, “Are mobile devices affected by this?” The short answer: yes. Mobile ...




    Note: The author of the entry has been changed to Chengkai Tao. We've recently discovered a design flaw in Android devices that allows fake apps to hijack legitimate app updates, thus enabling the fake app to steal the information stored by the targeted legitimate app. The flaw lies in a common practice for mobile users in China: using an external storage device (such as an SD card) to store downloaded Android application package (APK) files. China-based users commonly update their apps directly -- ...

    Posted in Malware, Mobile | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice