Security Alerts & News
by Tymoteusz A. Góral

History
#1001 McAfee Labs: Threats Report (PDF)
Partners in crime: investigating mobile app collusion

Mobile operating systems support multiple communication methods between apps running on mobile devices. Unfortunately, these handy interapp communication mechanisms also make it possible to carry out harmful actions in a collaborative fashion. Two or more mobile apps, viewed independently, may not appear to be malicious. However, together they could become harmful by exchanging information with one another. Multiapp threats such as these were considered theoretical for some years, but McAfee Labs recently observed colluding code embedded in multiple applications in the wild. In this Key Topic, we provide a concise definition of mobile app collusion, explain how mobile app collusion attacks are manifested, and how businesses can protect themselves from such attacks.

The state of cryptographic algorithms

Trust is an Internet cornerstone, built on the belief that messages and files freely exchanged on the Internet are authentic. Foundational to that are hashing functions that transform messages and files into a short set of bits. But what happens if cybercriminals break these hashing functions? In this Key Topic, we examine mainstream hashing functions and explain how they become more susceptible to cyberattacks as processor performance increases. We also show the volume of certificates still signed by outdated and weakened hashing functions, including certificates used in industrial and critical infrastructure applications. Finally, we make the case that businesses should actively migrate to stronger hashing functions.

Pinkslipbot: back from its slumber

After three years in hibernation, W32/Pinkslipbot (also known as Qakbot, Akbot, QBot) has re-emerged. This backdoor Trojan with wormlike abilities initially launched in 2007 and quickly earned a reputation for being a damaging, high-impact malware family capable of stealing banking credentials, email passwords, and signing certificates. Pinkslipbot infections dwindled in 2013 but made an aggressive return near the end of 2015. The malware now includes improved features including antianalysis and multilayered encryption abilities to prevent it from being reverse engineered by malware researchers. In this Key Topic, we document its history, evolution, recent updates, and the botnet infrastructure. We also provide details about its self-update and data exfiltration mechanism as well as McAfee Labs’ effort to monitor Pinkslipbot infections and credential theft in real time.
Read more
#1007 Google launches Android programming course for absolute beginners
#1006 Apple’s official statement on why the iOS 10 kernel is not encrypted
#1005 WordPress security update patches two dozen flaws
#1004 Unpatched remote code execution flaw exists in Swagger
#1003 Let’s Encrypt celebrates big HTTPS milestone
#1002 Hackers would like to join your LinkedIn network - and you'd probably accept them
#1001 McAfee Labs: Threats Report (PDF)
#1000 ‘GODLESS’ mobile malware uses multiple exploits to root devices
#999 Firm pays $950,000 penalty for using WiFi signals to secretly track phone users
#998 Advantech patches WebAccess remote code execution flaws
#997 Ransomware a two-year nightmare in the making
#996 Nuclear, Angler exploit kit activity has disappeared
#995 Patched libarchive vulnerabilities have big reach
#994 154 million voter records exposed, revealing gun ownership, Facebook profiles, and more
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12