Posted by: David Harley | August 17, 2018

Three mobile app issues and a Mac 0-Day

John Leyden for The Register: Baddies of the internet: It’s all about dodgy mobile apps, they’re so hot right now  “Rogue mobile apps have become the most common fraud attack vector, according to the latest quarterly edition of RSA Security’s global fraud report.” If you don’t mind giving your contact information away, the report is available here.


For Sophos, Matt Boddy explains how to use AppMon to see which of your Android apps are paying more attention to your conversations than you’re comfortable with. Not for beginners, but interesting. Are your Android apps listening to you?


Also for Sophos, Paul Ducklin analyses Patrick Wardle’s 0-day Mac exploit, as discussed recently at Def Con. While there’s no fix as yet, Paul points out that “Fortunately, as zero-days hacks go, this one isn’t super-serious – a crook would have to infect your Mac with malware first in order to use Wardle’s approach, and it’s more a tweak to an anti-security trick that Wardle himself found and reported last year than a brand new attack.” Apple Mac “zero day” hack lets you sneakily click [OK]


Martin Beltov for Security Boulevard: Android Man-in-the-Disk Attack Can Expose Apps & User Data –  “Security experts discovered a new Android infection mechanism called the Man-in-the-Disk attack. It takes advantage of a design issue found to be with the operating system itself that takes advantage of the external storage access. Abuse of this possibility can expose sensitive data to the criminal operators.”

David Harley

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Categories

%d bloggers like this: