Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    November 2014
    S M T W T F S
    « Oct    
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Mobile’ Category




    Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are designed to provide a secure, encrypted connection between a client and a server online. For further authentication and encryption, the server is required to provide certificates. By doing so, the server can prove its identity directly and effectively. With an SSL connection, both sides can guarantee the validity and security of the communication. This is especially advantageous for services, such as online banking, email, social networks, which require secure ...

    Posted in Malware, Mobile | Comments Off



    We have previously discussed about certain file locker apps that fail to hide files properly. We recently came across yet another file locker app, AppLock, which has the same issue. However, the vulnerability concerning this app goes beyond improperly hiding files—the vulnerability can allow other apps to manipulate the app’s configuration files. The configuration files include data such as the application’s preferences files, login passwords and emails, and even the Google Ad Publisher ID, which is used for Google AdSense accounts. Access ...

    Posted in Mobile, Vulnerabilities | Comments Off



    The Chinese underground has continued to grow since we last looked at it. It is still highly profitable, the cost of connectivity and hardware continues to fall, and there are more and more users with poor security precautions in place. In short, it is a good time to be a cybercriminal in China. So long as there is money to be made, more people may be tempted to become online crooks themselves. How can we measure the growth of the Chinese underground economy? We can ...

    Posted in Mobile | Comments Off



    The first half of this year has been quite eventful for the mobile threat landscape. Sure, we had an idea the state of affairs from 2013 would continue on to this year, but we didn't know just to what extent. From ballooning mobile malware/high risk app numbers to vulnerabilities upon vulnerabilities, let's recap just what happened in the past six months and see if we can learn anything from them for the six months ahead. So, what did happen in the ...

    Posted in Mobile, Vulnerabilities | Comments Off



    Vulnerabilities in apps are always a cause for concern, especially when said apps handle sensitive information, particularly financial. We examined two popular in-app payment (IAP) SDKs—Google Wallet and the Chinese payment platform Alipay—and discovered that these contain a vulnerability that can be exploited for phishing attacks. The versions we analyzed were Google IAP versions 2 and 3 and Alipay SDK 1.0. We have notified the developers of these findings. As of this writing, Alipay has patched the vulnerability. Meanwhile, Google is ...

    Posted in Mobile, Vulnerabilities | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice