As we have discussed in our previous blogs, the ability to determine which app is currently running in the foreground is central to how mobile banking malware creates overlay "injections" to phish the currently running application. Android 5.0 Lollipop and Android 6.0 Marshmallow thwarted malware’s ability to find the currently running task by deprecating the getRunningTasks() API, but ever since Google rolled out this Android security enhancement, malware authors have engaged in a cat-and-mouse game of workarounds and fixes. We have been blogging about each of these malware evolutions as we spot them in the wild.
The recent variants of Android.Bankosy and Android.Cepsohord, observed over the last quarter, use two new tricks to circumvent the new security enhancements. One of these two techniques requires an additional special permission from the user, while the other does not require any additional permission at all.
Twitter has revealed that the firm has paid out $322,420 to bug bounty hunters in only two years.
It was not that long ago that researchers seeking to report security vulnerabilities in systems and software had few outlets to do so. Emails and contact forms were the standard communication channel, and should a bug be investigated and deemed valid, the researcher was likely to receive little more than a pat on the back and perhaps public credit.
However, things have changed. Cyberthreats and data breaches are now a daily occurrence, which means businesses looking to protect their products and networks have to either hire in-house or seek external help to discover and fix problems before they can be exploited.
Something is happening with TeamViewer's servers at the moment, and all clues point to a massive breach that has led many users to go on Reddit and complain about having their computers hacked, with some even reporting new purchases in their PayPal accounts.
The problems started around noon today when users weren't able to connect to the TeamViewer network. A few hours later, the company's website also went down, but the team managed to bring it back online a few hours later.
On Twitter, the TeamViewer team wrote that they're only experiencing issues in some parts of their network, but they denied any security breach, at least on their side.
Some users have reported finding new transactions in their PayPal and bank accounts, while others discovered someone had been poking around their email account.
"Encryption and privacy is not the same thing," said Nick Savvides, Symantec APAC cybersecurity strategy manager.
Encryption is a privacy "enhancing tool", Savvides went on to explain, while privacy is more about handling what information is collected, how the collected information is handled, and what other data can be derived from it. The two are often confused because they are related: Encryption is used to maintain privacy.
Savvides said that unfortunately most websites do not use encryption, highlighting the company's most recent Internet Threat Security Report, which revealed that 97 percent of active websites do not have any basic security and 75 percent have unpatched vulnerabilities, with 16 percent of those being critical.