Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    July 2015
    S M T W T F S
    « Jun    
  • Email Subscription

  • About Us

    Archive for the ‘Mobile’ Category

    We have discovered a vulnerability in the integrated Android debugger Debuggerd that can be used to expose the contents of the device's memory in devices running Ice Cream Sandwich to Lollipop. A specially crafted ELF (Executable and Linkable Format) file can crash the debugger and expose the memory content via tombstone files and corresponding logd log files. This information can be used in denial of service attacks, as well as to help bypass ASLR for arbitrary code execution. By itself, the vulnerability cannot be used for code ...

    Posted in Mobile, Vulnerabilities |

    Recently, researchers announced that a vulnerability in Samsung Android devices had been found which allowed attackers to run malicious code on vulnerable devices if they became the targets of a man-in-the-middle attack. In this post we will explain how this vulnerability works, and what can users do to protect themselves. The Vulnerability The stock Android keyboard on these affected Samsung devices includes some features based on the Swiftkey SDK. To implement these features, it downloads files that are specific to each keyboard language, ...

    A new breed of cybercriminals has surfaced in China. They are bolder and more reckless than their more experienced veteran counterparts. All born in the 90s, these neophytes are not afraid to get caught, carelessly leaving a trail of traceable contact details online. They find and share readily available code and use those to make their own malware. It’s these same teens that are causing a surge in mobile ransomware in the Chinese underground market. A younger mobile ransomware landscape These young cybercriminals’ ...

    Posted in Malware, Mobile |

    We’ve discovered a vulnerability in the Apache Cordova app framework that allows attackers to modify the behavior of apps just by clicking a URL. The extent of the modifications can range from causing nuisance for app users to crashing the apps completely. Designated as CVE-2015-1835, this high-severity vulnerability affects all versions of Apache Cordova up to 4.0.1. Apache has released a security bulletin confirming the vulnerability. This means that majority of Cordova-based apps, which accounts for 5.6% of all apps in ...

    Companies risk losing all their customers if they continue neglecting their app store presence. While malicious mobile apps do bring serious security concerns to the fore, (70% of top free apps have fake and mostly malicious versions in app stores) companies and developers also face another challenge in the form of copycats. For a company that needs to maintain an official mobile app on Google Play, fake or impostor apps can mean trouble for both their credibility and revenue. For users, ...

    Posted in Mobile |


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice