Android

(get it in RSS or Atom)

Android "FBI Lock" malware - how to avoid paying the ransom

andr-cuff-250

The latest "FBI Lock" Android ransomware reported by SophosLabs follows a familiar theme.

But it has a slight sting in the tail to make it trickier to remove, so we thought we'd take you through the steps...

Android app market pirates busted by FBI

pirate-250

Six Americans charged with large-scale piracy of Android apps.

But what about their "customers"?

Is there really an increased risk of malware from unlawfully acquired apps?

Introducing Jibo: adorable home robot or the Eye of Sauron?

Introducing Jibo: adorable home robot or the Eye of Sauron?

Launched by famed MIT Media Labs roboticist Cynthia Breazeal, he's poised to smile, dance, and giggle his way into our hearts, our homes, and hopefully not into the lucrative position of pawning data about where we like to shop.

SSCC 156 - Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]

chet-chat-logo-featured-250

Sophos experts Chester Wisniewski and Paul Ducklin are back with this week's security podcast, turning plain old news into advice you can use.

Monday review - the hot 22 stories of the week

dow-250

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

SSCC 154: Fraud, viruses, patches and encryption (in that order!) [PODCAST]

chet-chat-logo-featured-250

Where does your country sit on the fraud list? Just how much can you trust SMSes on Android? Is Apple serious enough about iOS security? And will Google's End-To-End email encryption plugin save the world?

Find out with Chet and Duck in this week's Chet Chat podcast...

Coinbase wallet app in SSL/TLS SNAFU

Bitcoin digital wallet

The popular Bitcoin wallet Coinbase has a security flaw in its Android apps which could allow an attacker to steal authentication codes and access users' accounts, according to a security researcher.

Coinbase is far from alone in leaving its wallet app users vulnerable, so what should you do to stay safe when using mobile banking apps?

Anatomy of a buffer overflow - Google's "KeyStore" security module for Android

ks-250

Here's a cautionary tale about a bug, courtesy of IBM.

Not that IBM had the bug, just to be clear: Google had the bug, and IBM researchers spotted it.

Anatomy of an Android SMS virus - watch out for text messages, even from your friends!

slf-logo-250

Paul Ducklin looks into "Andr/SlfMite-A", an Android SMS virus.

The malware sends itself to your top 20 contacts and foists an third party app for an alternative Android software market onto your device...

"Towelroot" app makes it easy to root Galaxy S5 and other locked Androids...

towels-250

Galaxy S5 users will be cheering. System administrators are probably groaning.

Paul Ducklin looks at an Android-era variant of Hamlet's dilemma: "To root or not to root, that is the question."

SSCC 153: TrueCrypt, Towelroot, Cryptowall, and spam in Canada [PODCAST]

chet-chat-logo-featured-250

Chester Wisniewski and Paul Ducklin present this week's edition of the regular Sophos security podcast, the "Chet Chat."

In this episode: the TrueCrypt saga continues; the Towelroot software for unlocking Androids; ransomware after CryptoLocker; and Canada's long, long, long-awaited anti-spam law.

What's next for ransomware? Cryptowall picks up where CryptoLocker left off

Cryptowall-250

With many victims paying up, ransomware is a lucrative business for cybercrooks, and CryptoLocker has inspired copycats who want in on the loot.

John Zorabedian looks at ransomware that seems to be filling the void left by CryptoLocker's takedown last month...

SSCC 151 - Measuring vulns, Apple and Wi-Fi privacy, Android ransomware and more [PODCAST]

sscc-151-250

It's our weekly security pocast!

Chester Wisniewski and Paul Ducklin dig into the latest security news for lessons we can all learn...

Mobile malware, Gameover, CryptoLocker, and SSL/TLS holes - 60 Sec Security [VIDEO]

2014-06-07-thumb-250

How long has mobile malware been around? Is it really game over for Gameover and CryptoLocker? Which cryptographic security libraries need patching?

It'll only take a minute to find out...

Latest OpenSSL flaws can lead to information leakage, code execution and DoS

Only two months after the Heartbleed vulnerability in OpenSSL captured global headlines we have another critical update for OpenSSL fixing 6 new flaws.

CryptoLocker wannabe "Simplelocker" scrambles your files, holds your Android to ransom

sl-bars-250

"If the crooks keep copying Windows threats that were financially lucrative," you're thinking, "we'll soon see Android ransomware that doesn't just lock your device, but locks up your data instead, or as well."

Guess what?

Unhappy birthday to you - mobile malware turns 10

10yomm-feat-3-250

It's 10 years since June 2004, when the first mobile malware appeared.

We don't want to *celebrate* this anniversary, you understand, but we thought we'd look back to see what we can learn...

FitzRoy, Oleg Pliss, Spotify and TrueCrypt - 60 Sec Security [VIDEO]

2014-05-31-thumb-250

Did FitzRoy get hacked? Who is Oleg Pliss? What's up with Spotify? Where has TrueCrypt gone?

60 Second Security - 31 May 2014

Yes, your smartphone camera can be used to spy on you...

smartphone-camera-250

A researcher claims to have written an Android app that takes photos and videos using the device camera, even while the screen is turned off - so you wouldn't even know the camera was spying on you.