Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 28 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Android users warned to delete six apps that could steal 1000s

Joker malware found within Google app stores by security team

by The Gurus
September 11, 2020
in Uncategorized
Cybersecurity has become the fastest growing start-up sector in UK
Share on FacebookShare on Twitter

Cybersecurity team Pradeo has alerted Google to urgently remove six applications on the Google Play store after it was discovered that they contain the sinister Joker malware which has spyware capabilities and can sign individuals up to costly subscriptions without them knowing.

In Pradeo’s research blog, Roxane Suau stated: “Joker is a malicious bot (categorized as Fleeceware) which main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users. Altogether, the 6 apps account for nearly 200.000 installs.”

Commenting on the news, Michael Barragry, operations lead at Edgescan, explained to the IT Security Guru:

Like every aspect of security, cryptography is an ever-evolving consideration – what was considered secure 2-3 years ago may now be out of date. Much of this is due to researchers who discover implementation weaknesses and/or manage to improve efficiency of algorithms so that theoretical flaws have now become computationally feasible to exploit.
Each of the 3 most broken rules listed below could give rise to a variety of vulnerabilities:

  • Unsafe PRNG: could lead to the compromise of any upstream process which depends upon it – an example could be the generation of a public/private key pair.
  • Broken Hash function: Hash functions play a key role in cryptographic signatures – if a weak hash is used this could allow an attacker to forge a TLS certificate and masquerade as another system or device
  • CBC mode: Encryption which uses Cipher Block Chaining mode can often give rise to padding oracle attacks which can allow an attacker to fully decrypt a piece of ciphertext
FacebookTweetLinkedIn
Share2Tweet
Previous Post

More critical vulnerabilities within WhatsApp discovered

Next Post

New cryptographic platform from MIT allows sharing of sensitive data in the wake of a cyberattack

Recent News

software security

Research reveals 80% of applications developed in EMEA contain security flaws

September 27, 2023
Cyber insurance

Half of organisations with cyber insurance implemented additional security measures to qualify for the policy or reduce its cost

September 27, 2023
Fraud and online banking

Akamai Research Finds the Number of Cyberattacks on European Financial Services More Than Doubled in 2023

September 27, 2023
ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

September 27, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information