Syber Group
Toll Free : 855-568-TSTG(8784)
Subscribe To : Envelop Twitter Facebook Feed linkedin

Phishing Apps Plague Google Play

May 12, 2016 by  
Filed under Computing

Comments Off on Phishing Apps Plague Google Play

Google’s attempts to safeguard the Android app store — Google Play — are far from perfect, with malicious apps routinely slipping through its review process. Such was the case for multiple phishing applications this year that posed as client apps for popular online payment services.

Researchers from security firm PhishLabs claim that they’ve found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.

The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies’ websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don’t see their actual location.

In some cases attackers registered domain names that are similar to those of the impersonated online payment services, PhishLab Security Threat Analyst Joshua Shilko said in a blog post.

More recently, attackers used domain names similar to those of cryptocurrency companies, suggesting that the cryptocurrency industry is also targeted.

PhishLabs did not name the exact payment card companies and online payment services whose users were targeted by these fake apps. However, most of those companies provide links to their official mobile applications on their websites and users should always use those links instead of manually searching for them on the Play store.

“In one case, a targeted company explicitly states on their website that no mobile application exists for their company and that users should be wary of any mobile application using their brand,” Shilko said.

The danger is that if phishers manage to routinely bypass Google’s review process and upload such apps to the Google Play store, their attacks might extend to other industries in the future.

Another problem is that even when these apps are detected by third-parties and reported, it can take several days for Google to remove them from the app store, leaving a sufficiently large window of opportunity for attackers. It’s not clear how attackers promote these fake apps or if they rely only on users finding them themselves, but in general phishing attacks are most effective during the first several hours after they’re launched.

Source- http://www.thegurureview.net/mobile-category/phishing-apps-continue-to-play-google-play.html

U.S. LTE Speeds Drop

October 5, 2015 by  
Filed under Around The Net

Comments Off on U.S. LTE Speeds Drop

The U.S. has dropped to No. 55 in LTE performance as speeds rise rapidly in countries that have lept ahead some early adopters of the popular cellular system.

The average download speed on U.S. 4G networks inched up to 10Mbps (bits per second) in the June-August quarter, according to research company OpenSignal. That was an improvement from 9Mbps in the previous quarter, but the country’s global ranking fell from 43rd as users in other countries made much larger gains.

The U.S. was one of the first countries with commercial LTE service when Verizon Wireless launched its network in late 2010. But other countries that adopted the system later started with better technology, and some have secured more frequencies or rolled out enhancements that U.S. carriers haven’t embraced as much, OpenSignal said.

New Zealand scored the highest average speed in the quarter with 36Mbps, coming up from nowhere in the rankings. But perennial standouts like South Korea and Singapore kept getting faster, too. The average LTE speed in Korea is now 29Mbps (up by 4Mbps), and in Singapore it’s 33Mbps, up by 5Mbps.

OpenSignal collects data on cellular performance through a free app that mobile subscribers can use to measure the speed they’re getting and find faster networks. The results announced Wednesday are based on readings from more than 300,000 users worldwide, the company said.

Countries like Hungary, the Dominican Republic and Morocco beat the U.S. in average LTE speed, but they aren’t necessarily smartphone paradises. Mobile users in America can use LTE more of the time, for example, because their carrier’s networks are built out. Subscribers in the U.S. are on LTE 78 percent of the time, on average, making the country No. 10 for what OpenSignal calls “time coverage.” Moroccan LTE may be fast, but 49 percent of the time, users there don’t get it, for example.

Source-http://www.thegurureview.net/mobile-category/u-s-falls-to-55th-place-worldwide-for-lte-speeds.html

Microsoft Updates Yammer

August 28, 2015 by  
Filed under Around The Net

Comments Off on Microsoft Updates Yammer

Microsoft unveiled a bevy of improvements to its Yammer enterprise social network, focused on helping people connect more easily with their teams.

By default, people who access Yammer via their web browser will be taken to a new “Discovery” feed on the service’s home page that is supposed to better show them relevant content from their groups along with other public teams across their company’s network. It’s supposed to help keep people in closer touch with important discussions they may be missing on Yammer.

After users finish reviewing new content in one group, Yammer will display a pop up banner with a link to the next group they’re subscribed to that has new content. Yammer’s mobile apps will get similar functionality through a new Group Updates feed that lets users see a list of different conversations in various groups all on one screen. That way, they won’t have to look through individual groups to get the same information. That feature will begin rolling out on Android first before making it to Yammer’s iOS app.

In addition, Yammer is also tweaking the design of individual groups’ pages. Now, each group will have a full-width banner at the top of its page, and discussions within the group can now take up a wider space on the page to aid in lengthier discussions. The whole page has also been redesigned to focus users’ attention on important content.

Icons in the left-hand sidebar will show the users that are active in groups they are a part of, so they can stay up-to-date on where conversations are happening in real time. It’s a move that could make Yammer more competitive with popular chat solutions like Slack, which has been growing incredibly rapidly and was recently valued at $2.8 billion.

Yammer’s mobile app also gained support for attaching files from external storage services like OneDrive and Dropbox, inviting coworkers to a user’s network by email and mentioning people in comments.

There’s even more up Yammer’s sleeve on top of all these updates. The social network’s iPhone app will soon have a companion version for the Apple Watch that will let people interact with content from their coworkers.

The updates come at a time when Microsoft is putting more effort into improving its workplace collaboration tools.

Source

Will Google’s Algorithm Stop Piracy?

October 30, 2014 by  
Filed under Computing

Comments Off on Will Google’s Algorithm Stop Piracy?

Nosey Google has updated its search engine algorithms in an attempt to restrict piracy web sites appearing high in its search rankings.

The update will mean piracy sites are less likely to appear when people search for music, films and other copyrighted content.

The decision to roll out the search changes was announced in a refreshed version of a How Google Fights Piracy report, which was originally published in September 2013.

However, this year’s updated report features a couple of developments, including changes to ad formats and an improved DMCA demotion search signal.

The move is likely to be a result of criticism received from the entertainment industry, which has argued that illegal sites should be “demoted” in search results because they enable people to find sites to download media illegally.

The biggest change in the Google search update will be new ad formats in search results on queries related to music and movies that help people find legitimate sources of media.

For example, for the relatively small number of queries for movies that include terms like ‘download’, ‘free’, or ‘watch’, Google has instead begun listing legal services such as Spotify and Netflix in a box at the top of the search results.

“We’re also testing other ways of pointing people to legitimate sources of music and movies, including in the right-hand panel on the results page,” Google added.

“These results show in the US only, but we plan to continue investing in this area and to expand it internationally.”

An improved DMCA demotion signal in Google search is also being rolled out as part of the refresh, which down-ranks sites for which Google has received a large number of valid DMCA notices.

“We’ve now refined the signal in ways we expect to visibly affect the rankings of some of the most notorious sites. This update will roll out globally starting next week,” Google said, adding that it will also be removing more terms from autocomplete, based on DMCA removal notices.

The new measures might be welcomed by the entertainment industry, but are likely to encourage more people to use legal alternatives such as Spotify and Netflix, rather than buying more physical media.

Source

Will Chrome’s API Work?

March 25, 2014 by  
Filed under Around The Net

Comments Off on Will Chrome’s API Work?

Google has targeted web browser settings hijacking in its latest update to Chrome for Windows.

On the Chromium blog, Google engineering director Erik Kay announced an extension settings API designed to ensure that users have notice and control over any settings changes made to their web browsers.

As a result, the only way extensions will be able to make changes to browser settings such as the default search engine and start page will be through this API.

Bargain hungry consumers are often unaware that freeware programs often bundle add-on programs for which developers receive payment but can create irritating, rather than malicious, changes to user settings.

Although there is usually consent sought at installation, quite often it is ignored or not understood, and the people who miss the warnings are generally the same ones who find it hard to change the settings back.

Kay said that the API is available in the Chromium developer channel, with a rollout to the stable channel set for May.

The Chromium stable channel has been updated to version 33.0.1750.149. The main change is an update to the embedded Flash Player for Windows, which is now version 12.0.0.77.

There are seven new security fixes, most of which were user submitted via the open source Fast Memory Detector Address Sanitizer.

Although the user community and Chrome team continue to proactively protect the Chromium project, third party extensions can still cause problems, with several already having been removed from the Chrome Store this year.

Source

Is Twitter Home To Malware?

May 1, 2013 by  
Filed under Around The Net

Comments Off on Is Twitter Home To Malware?

Security outfit Trusteer has recently identified an active configuration of TorRAT targeting Twitter users. The malware launches a Man-in-the-Browser (MitB) attack through the browser of infected PCs, gaining access to the victim’s Twitter account to create malicious tweets.

Dana Tamir, Enterprise Security Director for Trusteer the malware, which has been used as a financial malware to gain access to user credentials and target their financial transactions, now has a new goal: to spread malware using the online social networking service. At this time the attack is targeting the Dutch market. But since Twitter is used by millions of users around the world, this type of attack can be used to target any market and any industry.

The attack is carried out by injecting Javascript code into the victim’s Twitter account page. The malware collects the user’s authentication token, which enables it to make authorized calls to Twitter’s APIs, and then posts new, malicious tweets on behalf of the victim.

Tamir said that the attack is particularly difficult to defend against because it uses a new sophisticated approach to spear-phishing. Twitter users follow accounts that they trust. Because the malware creates malicious tweets and sends them through a compromised account of a trusted person or organization being followed, the tweets seem to be genuine. The fact that the tweets include shortened URLs is not concerning: Twitter limits the number of characters in a message, so followers expect to get interesting news bits in the form of a short text message followed by a shortened URL. However, a shortened URL can be used to disguises the underlying URL address, so that followers have no way of knowing if the link is suspicious.

Source

Google Tweaks It’s Search Engine

May 24, 2012 by  
Filed under Around The Net

Comments Off on Google Tweaks It’s Search Engine

Google is changing the way it handles searches in the United States to give users quick access to answers without leaving the page, the company said.

The new search process is based on what Google calls the “knowledge graph” — meaning that it tries to pinpoint faster the context surrounding its users’ keyword searches.

“Over the years, as search has improved, people expect more,” said Amit Singhal, vice president of engineering at Google and the head of search, in an interview. “We see this as the next big improvement in search relevance.”

The redesign, which for now affects only U.S.-based English language users, is gradually being rolled starting Wednesday on desktop, mobile and tablet platforms. Google plans to eventually expand the new search features outside the U.S., Singhal said, without specifying when.

Many of the results will carry more graphical elements, compared to standard lists of search results, such as maps and pictures of related results, often in separate pop-ups. The idea is to let users easily discover what related material interests them and click through to it, Singhal said.

Source…

More Trojan Malware Found On Macs

April 23, 2012 by  
Filed under Computing

Comments Off on More Trojan Malware Found On Macs

Following the outbreak of the Flashback Mac Trojan, security researchers have identified two more cases of Mac OS X malware. The good news is most Mac owners have little reason to worry about them.

Both cases are variants on the same Trojan, called SabPub, Kaspersky Lab Expert Costin Raiu wrote on Securelist.

The first variant is known as Backdoor.OSX.SabPub.a. Like Flashback, this new threat was likely spread through Java exploits on Websites, and allows for remote control of affected systems. It was created roughly one month ago.

Fortunately, this malware isn’t a threat to most users for a few reasons: It may have only been used in targeted attacks, Raiu wrote, with links to malicious Websites sent via e-mail, and the domain used to fetch instructions for infected Macs has since been shut down.

Furthermore, Apple’s security update for Flashback helps render future Java-based attacks harmless. In addition to removing the Flashback malware, the update automatically deactivates the Java browser plug-in and Java Web Start if they remain unused for 35 days. Users must then manually re-enable Java when they encounter applets on a Web page or a Web Start application.

The second SabPub variant is old-school compared to its sibling. Instead of attacking through malicious Websites, it uses infected Microsoft Word documents as vector, distributed by e-mail.

Source…

Apple Goes Down In Court

January 11, 2012 by  
Filed under Computing

Comments Off on Apple Goes Down In Court

Apple has lost a move in US District Court in San Francisco to keep some of its software ‘secrets’ out of view of the public.

It had asked Judge William Alsup to keep documents sealed that had surfaced in its lawsuit against Psystar, Bloomberg reports. The information about Apple’s Mac OS X operating system covers topics such as technological protection measures, system integrity checks and thermal management techniques.

The court turned down Apple’s request, however, noting that the company didn’t deny that the information was already public or claim that it had been misappropriated. Apple had argued that it still deserved trade secret protection because it didn’t release the information and had never confirmed it, but that didn’t convince Judge Alsup.

The information at issue is available on a web site about the Mac OS X operating system, the judge noted, adding that Apple’s decryption key haiku is available to any user that compiles and runs publicly available source code on a Macbook Air laptop.

.

Source…

DoJ Charges Clickjacking Perpetrators

November 17, 2011 by  
Filed under Internet, Security

Comments Off on DoJ Charges Clickjacking Perpetrators

The U.S. Department of Justice is charging seven individuals with 27 counts of wire fraud and other computer-related crimes, accusing the group of hijacking 4 million computers across 100 countries in a sophisticated clickjacking scam.

According to the indictment, the defendants had set up a fake Internet advertising agency, entering into agreements with online ad providers that would pay the group whenever its ads where clicked on by users. The group’s malware, which it had planted on millions of user computers, would redirect the computers’ browsers to its advertisements, thereby generating illicit revenue.

The malware worked by capturing and altering the results of a user’s search engine query. A user would search for a popular site, such as ones for Netflix, the Wall Street Journal, Amazon, Apple iTunes and the U.S. Internal Revenue Service. Whenever the user would click on the provided link, however, the browser would be redirected to another website, one that the group was paid to generate traffic for.

The malware the group used also blocked antivirus software updates, which left users vulnerable to other attacks as well, according to the DOJ.

Source…

Next Page »