While Android is usually the mobile platform of choice for hackers, new research that’s about to be presented at the USENIX Security Symposium in San Diego shows that it’s actually possible to use a newly discovered trick to steal data from an unsuspecting smartphone users' apps, whether they're running Android, iOS or Windows Phone, Phys.org reports.
Security has always been a huge concern for Android users. From seemingly insignificant security flaws to massive outbreaks that make international headlines, it's never a bad idea to be cautious when downloading a new app or browsing the web. Unfortunately, sometimes even being careful isn't enough. In a recent analysis, the FireEye Mobile Security Team discovered that 68% of the top 1,000 free apps on Google Play are vulnerable to man-in-the-middle attacks.
This isn’t the first time someone managed to sneak by a weapon past a TSA Rapiscan full-body X-ray scanner, but Wired reports that scientists have taken the procedure to a new level and have come up with various techniques to completely fool the security device.
The malware protection that comes with Apple’s walled-off garden is only so good as long as you stay in that confined space, as otherwise hackers will be able to attack you with malicious programs. Specifically, jailbroken iPhones, which can install any iOS app whether it’s approved by Apple or not, are obviously susceptible to malware attacks, and a Virus Bulletin advisory notice details one such malicious program that has infected at least 75,000 iOS devices to date.
Now that home automation is all the rage, household security outfit ADT is looking to dive further into the fray with a hand from If This Then That (IFTTT). Using the home alarm company's Pulse system and the appropriate channel from the recipe-based app, you'll be able to leverage automated chores from IFTTT's library of tasks including disarming the alarm when your wearable switches out of sleep mode. You can also set a coffee maker in your kitchen to start brewing when your phone alarm wakes you and get a real-time video clip when the doorbell rings. ADT Pulse allows for remote control of a home security system from a mobile app, sending alerts and sorting remote video monitoring, too. It can the wrangle the connected thermostat and outlets for lighting and small appliances as well. Right now, the cooperative effort is looking to enter beta testing shortly with plans to open up a channel to the public afterwards that's full of pre-made recipes alongside the ability to create your own.
Source: ADT (Businesswire)
The plain old padlock is getting rather dull, but add Bluetooth to it unlocks (pun intended) a whole new level of possibilities. As the name suggests, this waterproof Noke smart padlock by Fuz Designs doesn't come with any physical keys; instead, you unlock it by first getting near it with an assigned iOS or Android device (with Bluetooth LE), and then click the Noke's hook. Better yet, you can also assign a Noke to your best pals, thus eliminating the need to pass a key around. But what if your phone runs out of battery? Well, that's where your pre-assigned click pattern comes in: Simply tap that in on the hook and your Noke will magically open up. On a similar note, the device itself can last over a year with a CR3032 battery, which can be easily replaced even when completely out of juice (but it'd still be locked, of course). Check out the demo video after the break, and then you can head over to the Kickstarter page to grab one for an early-bird price of $59.
Update: Canada's OckCorp previously tried to raise funds for a similar project but failed to reach goal. %Gallery-slideshow215340%
One common smartphone sensor that never seemed to pose much of a threat might in fact be the key to eavesdropping on a stranger's conversation from afar. According to Wired, a group of researchers from Stanford University and the Israeli defense research group Rafael are going to hold a presentation at the Usenix security conference next week that will demonstrate how the gyroscope in your phone can be converted into "crude microphones" which can pick up sound waves in the area.
Security researcher Axelle Apvrille recently published a paper about AdThief, a malware aimed at hijacking ad revenue from a reportedly 75,000 infected devices. First discovered in March 2014, and also known as “spad,” the malware, which comes disguised as a Cydia Substrate extension, was found to replace the publisher ID of publishers with the one of the malware creator, effectively attributing all ad revenue to him. ... Read the rest of this post here
"AdThief malware found infecting 75,000 jailbroken devices" is an article by iDownloadBlog.com.
Make sure to follow us on Twitter, Facebook, and Google+.
Apps that use your smartphone's microphone need to ask permission, but the motion sensors? No say-so needed. That might not sound like a big deal, but security researchers from Stanford University and defense firm Rafael have discovered a way to turn Android phone gyroscopes into crude microphones. They call their app "Gyrophone" and here's how it works: the tiny gyros in your phone that measure orientation do so using vibrating pressure plates. As it turns out, they can also pick up air vibrations from sounds, and many Android devices can do it in the 80 to 250 hertz range -- exactly the frequency of a human voice.
Source: Stanford University
Can your online data ever really be safe? Not when malicious hackers are lurking around every virtual corner, constantly developing devious new ways to steal sensitive data including passwords and credit card information. Online security is constantly improving, of course, but even the biggest companies in the world are susceptible to security breaches. And the sad truth of the matter is that there's nothing you can do to protect your data once it's stored on a company's servers.
In case that harsh realization isn't scary enough on its own, a new graphic helps remind us of the eight worst online security breaches in recent history.