DTX Manchester DTX Manchester
  • About Us
Sunday, 28 February, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Android users warned to delete six apps that could steal 1000s

Joker malware found within Google app stores by security team

by The Gurus
September 11, 2020
in Uncategorized
Cybersecurity has become the fastest growing start-up sector in UK
Share on FacebookShare on Twitter

Cybersecurity team Pradeo has alerted Google to urgently remove six applications on the Google Play store after it was discovered that they contain the sinister Joker malware which has spyware capabilities and can sign individuals up to costly subscriptions without them knowing.

In Pradeo’s research blog, Roxane Suau stated: “Joker is a malicious bot (categorized as Fleeceware) which main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users. Altogether, the 6 apps account for nearly 200.000 installs.”

Commenting on the news, Michael Barragry, operations lead at Edgescan, explained to the IT Security Guru:

Like every aspect of security, cryptography is an ever-evolving consideration – what was considered secure 2-3 years ago may now be out of date. Much of this is due to researchers who discover implementation weaknesses and/or manage to improve efficiency of algorithms so that theoretical flaws have now become computationally feasible to exploit.
Each of the 3 most broken rules listed below could give rise to a variety of vulnerabilities:

  • Unsafe PRNG: could lead to the compromise of any upstream process which depends upon it – an example could be the generation of a public/private key pair.
  • Broken Hash function: Hash functions play a key role in cryptographic signatures – if a weak hash is used this could allow an attacker to forge a TLS certificate and masquerade as another system or device
  • CBC mode: Encryption which uses Cipher Block Chaining mode can often give rise to padding oracle attacks which can allow an attacker to fully decrypt a piece of ciphertext
0 0 vote
Article Rating
FacebookTweetLinkedIn
Share2TweetShare
Previous Post

More critical vulnerabilities within WhatsApp discovered

Next Post

New cryptographic platform from MIT allows sharing of sensitive data in the wake of a cyberattack

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Npower shuts down app after hackers steal customer bank info  

February 26, 2021
Partnership announcement: Edgescan partners with BSI to deliver safe and secure client solutions

Edgescan partners with BSI to deliver safe and secure client solutions

February 26, 2021
Microsoft building

Microsoft failed to fix known problems that could have prevented SolarWinds hack

February 26, 2021
Microscope

Dutch Research Council experience ransomware attack

February 26, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept