Google's New 'Bouncer' Targets Android Market Malware

Hard on the heels of the controversy that arose recently around Symantec and its claims that numerous apps on the Android Market were actually malware in disguise, Google on Thursday unveiled a new tool to help it identify malicious apps.

android malware
Symantec subsequently recanted its assertions, of course, but in the meantime there's now a service called “Bouncer” that aims to keep the Android Market free of malware by quietly and automatically scanning it for questionable apps.

“Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process,” wrote Hiroshi Lockheimer, vice president of engineering for Android, in a Thursday post on the Google Mobile Blog.

Read more »


VeriSign Hacked: What We Don't Know Might Hurt Us

VeriSign – the company behind the root DNS servers that provide the foundation for the Web, and formerly the largest encryption certificate authority – has revealed that it was repeatedly hacked in 2010. Details are sparse thus far, but the revelation calls into question the security of the Internet itself.

Let’s start with what (little) we know. The disclosure did not happen as a result of VeriSign discovering the breach and taking responsible, proactive action to alert customers and address the situation. No, VeriSign buried the information in a quarterly Securities and Exchange Commission (SEC) filing as if it was just another mundane tidbit.

Depending on what was hacked or compromised, much of the Internet could be at risk.
IT staff at VeriSign allegedly discovered the compromise in 2010, but hid the incident from upper management until sometime in 2011. VeriSign itself may not be at fault for the initial delay in disclosure, but it appears that a significant amount of time has passed since VeriSign executives learned of the breach, and yet the company still tried to sneak the information covertly in an SEC filing.

Read more »


Symantec Shouldn't Backpedal on Android 'Malware'

Symantec stirred up controversy last week when it announced the discovery of apps in the Android Market that it deemed malicious. Symantec has now stepped back from calling the apps “malware”, but it still maintains that the apps in question do unwanted things that legitimate apps shouldn’t do…so what’s the difference, exactly?

First a quick recap. Symantec identified some apps from the official Android Market that were doing suspicious things, and dubbed the “threat” Android.Counterclank. Lookout Mobile Security took issue with the Symantec news and claimed that the apps are simply part of an “aggressive” ad network rather than malware. Upon further investigation, Symantec recanted on its malware claims and agreed that the apps are, in fact, adware or spyware.

If an app does shady things without explicit authorization, it's malware.
The thing is, the apps do things that cross the line. Symantec says the apps can change the default home page in the browser, add bookmarks, and place shortcuts. Those are the sorts of actions I associate with browser hijackers in Windows, and I can say with confidence that I would not appreciate having an app perform those actions without my explicit consent on my smartphone.

Read more »


RFID Credit Cards Are Easy Prey for Hackers, Demo Shows

It's been known for some time that there are security issues associated with the increasing use of RFID tags in credit cards, but this past weekend afforded a fresh demonstration of just how easy it is for hackers to take advantage of them.

Onstage at the Shmoocon hacker conference in Washington, D.C., Recursion Ventures security researcher Kristin Paget used about $350 in equipment to wirelessly read a volunteer’s RFID-enabled credit card and then encode its key data onto a blank card, as described Monday by Forbes.

Next, she used the fraudulent card and a Square Card Reader to make a payment to herself.

Read more »


Norton Wants To Help You Remember Your Password

If you're anything like me, you're usually quick to reach for the "Forgot Password" link on most webpages that you don't visit that often. Sure you could have your browser remember your passwords for everything, but that probably isn't the best approach when it comes to handling your login information.

Today, Norton launched a public beta of its new Norton Identity Safe service for Windows, Mac, iOS, and Android. Similar to 1Pass, Norton Identity Safe will store your website login info into an encrypted file that is protected by a single master password. That way, instead of having to remember several different passwords and usernames, you only need to remember the one.

Any password or usernames entered on the desktop client will be automatically synced to the apps and vice versa. And, for an even safer browsing experience, Norton Identity Safe comes with Norton Safe Search built-in. Safe Search uses Norton's database of websites to tell you if site is trustworthy or not.

Read more »


Five Ways to Protect Your Email at Work

Despite the popularity of real-time communications like instant messaging, as well as updates via Facebook and Twitter, most workplaces still use and rely on email. As handy as email can be, it can also be dangerous. Attachments can contain viruses, and email messages can hide phishing links that lead you to fake websites in an attempt to steal your login information.

Tech giants including Google and Facebook aim to establish a new standard called DMARC to reduce these threats in the future. For now, however, there are five things you can do to help secure your email.

1. Use a Password

Read more »


FireAMP Fights Malware with Big Data Analytics

SourceFire is a trusted name in information security. It has been around for over 10 years, and it is the steward of popular open source tools like Snort intrusion detection. Now, SourceFire is using big data analytics to give organizations better tools to fight malware with FireAMP.

FireAMP is a malware discovery and analysis platform that can identify advanced malware threats, and provide data necessary to understand the scope of the threat, and contain it. It uses a small agent on endpoints to relay data to FireCLOUD--a cloud-based analysis engine that uses big data analytics to identify and score threats that are missed by other security tools.

FireAMP gives a graphic representation of the threatscape that lets you drill down to "patient zero".
In and of itself, FireAMP defies easy classification. It is a new type of security tool that does not fit easily into any standard categories like antivirus, or antispyware, or firewall. Yet, it seems to have some overlap with existing security tools to augment their capabilities.

Read more »