Category Archives: Android

Palm Is Back With a Mini Companion Android Phone That’s Exclusive To Verizon

A couple months ago, it was reported that the dearly departed mobile brand known as Palm would be making a comeback. That day has finally come. Yesterday, Palm announced The Palm, a credit card-sized Android smartphone that's supposed to act as a second phone. Droid Life reports: The Palm, which is its name, is a mini-phone with a 3.3-inch HD display that's about the size of a credit card, so it should fit nicely in your palm. It could be put on a chain or tossed in a small pocket or tucked just about anywhere, thanks to that small size. It's still a mostly fully-featured smartphone, though, with cameras and access to Android apps and your Verizon phone number and texts. The idea here is that you have a normal phone with powerful processor and big screen that you use most of the time. But when you want to disconnect some, while not being fully disconnected, you could grab Palm instead of your other phone. It uses Verizon's NumberSync to bring your existing phone number with you, just like you would if you had an LTE smartwatch or other LTE equipped device. Some of the specs of this Verizon-exclusive phone include a Snapdragon 435 processor with 3GB RAM, 32GB storage, 12MP rear and 8MP front cameras, 800mAh battery, IP68 water and dust resistance, and Android 8.1. As Kellen notes, "It does cost $350, which is a lot for a faux phone..." We've already seen a number of gadget fans perplexed by this device. Digital Trends goes as far as calling it "the stupidest product of the year."

Read more of this story at Slashdot.

Malicious Platform Independent Trojan GPlayed Disguised as Google Play Store

By Waqas

Newly discovered Trojan malware, which has been dubbed as GPlayed by the IT security experts at Cisco Talos, disguises itself as Google Play Store to trick users into downloading it. After getting installed, it steals location information and bank details from the device. Additionally, it is capable of transferring code between desktop and mobile platforms. […]

This is a post from HackRead.com Read the original post: Malicious Platform Independent Trojan GPlayed Disguised as Google Play Store

Google to Encrypt Android Cloud Backups With Your Lock Screen Password

In an effort to secure users' data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can't read it. Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruption bugs (buffer overflows, type confusion, or integer overflows) to take over code pointers stored

GPlayed Trojan – .Net playing with Google Market

This blog post is authored by Vitor Ventura.

Introduction

In a world where everything is always connected, and mobile devices are involved in individuals' day-to-day lives more and more often, malicious actors are seeing increased opportunities to attack these devices. Cisco Talos has identified the latest attempt to penetrate mobile devices — a new Android trojan that we have dubbed "GPlayed." This is a trojan with many built-in capabilities. At the same time, it's extremely flexible, making it a very effective tool for malicious actors. The sample we analyzed uses an icon very similar to Google Apps, with the label "Google Play Marketplace" to disguise itself.

The malicious application is on the left-hand side.



What makes this malware extremely powerful is the capability to adapt after it's deployed. In order to achieve this adaptability, the operator has the capability to remotely load plugins, inject scripts and even compile new .NET code that can be executed. Our analysis indicates that this trojan is in its testing stage but given its potential, every mobile user should be aware of GPlayed. Mobile developers have recently begun eschewing traditional app stores and instead want to deliver their software directly through their own means. But GPlayed is an example of where this can go wrong, especially if a mobile user is not aware of how to distinguish a fake app versus a real one.

Trojan architecture and capabilities

This malware is written in .NET using the Xamarin environment for mobile applications. The main DLL is called "Reznov.DLL." This DLL contains one root class called "eClient," which is the core of the trojan. The imports reveal the use of a second DLL called "eCommon.dll." We determined that the "eCommon" file contains support code and structures that are platform independent. The main DLL also contains eClient subclasses that implement some of the native capabilities.

The package certificate is issued under the package name, which also resembles the name of the main DLL name.

Certificate information

The Android package is named "verReznov.Coampany." The application uses the label "Installer" and its name is "android.app.Application."

Package permissions

The trojan declares numerous permissions in the manifest, from which we should highlight the BIND_DEVICE_ADMIN, which provides nearly full control of the device to the trojan.

This trojan is highly evolved in its design. It has modular architecture implemented in the form of plugins, or it can receive new .NET source code, which will be compiled on the device in runtime.

Initialization of the compiler object

The plugins can be added in runtime, or they can be added as a package resource at packaging time. This means that the authors or the operators can add capabilities without the need to recompile and upgrade the trojan package on the device.

Trojan native capabilities

This is a full-fledged trojan with capabilities ranging from those of a banking trojan to a full spying trojan. This means that the malware can do anything from harvest the user's banking credentials, to monitoring the device's location. There are several indicators (see section "trojan activity" below) that it is in its last stages of development, but it has the potential to be a serious threat.

Trojan details

Upon boot, the trojan will start by populating a shared preferences file with the configuration it has on its internal structures. Afterward, it will start several timers to execute different tasks. The first timer will be fired on the configured interval (20 seconds in this case), pinging the command and control (C2) server. The response can either be a simple "OK," or can be a request to perform some action on the device. The second timer will run every five seconds and it will try to enable the WiFi if it's disabled. The third timer will fire every 10 seconds and will attempt to register the device into the C2 and register wake-up locks on the system to control the device's status.

During the trojan registration stage, the trojan exfiltrates private information such as the phone's model, IMEI, phone number and country. It will also report the version of Android that the phone is running and any additional capabilities.

Device registration

This is the last of the three main timers that are created. The trojan will register the SMS handler, which will forward the contents and the sender of all of the SMS messages on the phone to the C2.

The final step in the trojan's initialization is the escalation and maintenance of privileges in the device. This is done both by requesting admin privileges on the device and asking the user to allow the application to access the device's settings.

Privilege escalation requests

The screens asking for the user's approval won't close unless the user approves the privilege escalation. If the user closes the windows, they will appear again due to the timer configuration.

After the installation of the trojan, it will wait randomly between three and five minutes to activate one of the native capabilities — these are implemented on the eClient subclass called "GoogleCC." This class will open a WebView with a Google-themed page asking for payment in order to use the Google services. This will take the user through several steps until it collects all the necessary credit card information, which will be checked online and exfiltrated to the C2. During this process, an amount of money, configured by the malicious operator, is requested to the user.

Steps to request the user's credit card information

In our sample configuration, the request for the views above cannot be canceled or removed from the screen — behaving just like a screen lock that won't be disabled without providing credit card information.

All communication with the C2 is done over HTTP. It will use either a standard web request or it will write data into a web socket if the first method fails. The C2 can also use WebSocket as a backup communication channel.

Before sending any data to the C2 using the trojan attempts to disguise its data, the data is serialized using JSON, which is then encoded in Base64. However, the trojan replaces the '=' by 'AAAZZZXXX', the '+' by '|' and the '/' by '.' to disguise the Base64.

Request encoding process

The HTTP requests follow the format below, while on the WebSocket only the query data is written.

<server path>?q=<IMEI>-<REQUEST CODE>:<Obfuscated Base64 encoded data>

As is common with trojans, the communication is always initiated by the trojan on the device to the C2. The request codes are actually replies to the C2 action requests, which are actually called "responses." There are 27 response codes that the C2 can use to make requests to the trojan, which pretty much match what's listed in the capabilities section.
  • Error
  • Registration
  • Ok
  • Empty
  • SendSMS
  • RequestGoogleCC
  • Wipe
  • OpenBrowser
  • SendUSSD
  • RequestSMSList
  • RequestAppList
  • RequestLocation
  • ShowNotification
  • SetLockPassword
  • LockNow
  • MuteSound
  • LoadScript
  • LoadPlugin
  • ServerChange
  • StartApp
  • CallPhone
  • SetPingTimer
  • SMSBroadcast
  • RequestContacts
  • AddInject
  • RemoveInject
  • Evaluate
Another feature of this trojan is the ability to register injects, which are JavaScript snippets of code. These will be executed in a WebView object created by the trojan. This gives the operators the capability to trick the user into accessing any site while stealing the user's cookies or forging form fields, like account numbers or phone numbers.

Trojan activity

At the time of the writing of this post, all URLs (see IOC section) found on the sample were inactive, and it does not seem to be widespread. There are some indicators that this sample is just a test sample on its final stages of development. There are several strings and labels still mentioning 'test' or 'testcc' — even the URL used for the credit card data exfiltration is named "testcc.php."

Debug information on logcat

Another indicator is the amount of debugging information the trojan is still generating — a production-level trojan would keep its logging to a minimum.

The only sample was found on public repositories and almost seemed to indicate a test run to determine the detection ratio of the sample. We have observed this trojan being submitted to public antivirus testing platforms, once as a package and once for each DLL to determine the detection ratio. The sample analyzed was targeted at Russian-speaking users, as most of the user interaction pages are written in Russian. However, given the way the trojan is built, it is highly customizable, meaning that adapting it to a different language would be extremely easy. The wide range of capabilities doesn't limit this trojan to a specific malicious activity like a banking trojan or a ransomware. This makes it impossible to create a target profile.

Conclusion

This trojan shows a new path for threats to evolve. Having the ability to move code from desktops to mobile platforms with no effort, like the eCommon.DLL demonstrates that malicious actors can create hybrid threats faster and with fewer resources involved than ever before. This trojan's design and implementation is of an uncommonly high level, making it a dangerous threat. These kinds of threats will become more common, as more and more companies decide to publish their software directly to consumers.

There have been several recent examples of companies choosing to release their software directly to consumers, bypassing traditional storefronts. The average user might not have the necessary skills to distinguish legitimate sites from malicious ones. We've seen that this has been the case for many years with spear-phishing campaigns on desktop and mobile platforms, so, unfortunately, it doesn't seem that this will change any time soon. And this just means attackers will continue to be successful.

Coverage

Additional ways our customers can detect and block this threat are listed below.

Advanced Malware Protection (AMP) is ideally suited to prevent the execution of the malware used by these threat actors.

Cisco Cloud Web Security (CWS) or Web Security Appliance (WSA) web scanning prevents access to malicious websites and detects malware used in these attacks.

Email Security can block malicious emails sent by threat actors as part of their campaign.

Network Security appliances such as Next-Generation Firewall (NGFW), Next-Generation Intrusion Prevention System (NGIPS), and Meraki MX can detect malicious activity associated with this threat.

AMP Threat Grid helps identify malicious binaries and build protection into all Cisco Security products.

Umbrella, our secure internet gateway (SIG), blocks users from connecting to malicious domains, IPs, and URLs, whether users are on or off the corporate network.

Open Source Snort Subscriber Rule Set customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.

Indicators of compromise (IOC)


URLs
hxxp://5.9.33.226:5416
hxxp://172.110.10.171:85/testcc.php
hxxp://sub1.tdsworker.ru:5555/3ds/

Hash values
Package.apk - A342a16082ea53d101f556b50532651cd3e3fdc7d9e0be3aa136680ad9c6a69f
eCommon.dl - 604deb75eedf439766896f05799752de268baf437bf89a7185540627ab4a4bd1
Reznov.dll - 17b8665cdbbb94482ca970a754d11d6e29c46af6390a2d8e8193d8d6a527dec3

Custom activity prefix
com.cact.CAct

Razer Phone 2 Launches With Notch-less Display, Wireless Charging, and RGB Lighting

Last November, Razer unveiled a smartphone designed for gamers who value performance and power over bells and whistles like waterproofing and wireless charging. At an event Wednesday night, Razer took the wraps off its successor, aptly named Razer Phone 2, which sports a brighter, notch-less, 5.72-inch IGZO LCD display with a 2560x1440 resolution and HDR, wireless charging, IP67 water- and dust-resistance rating, and RGB lighting behind the Razer logo on the rear. Given the addition of waterproofing and wireless charging, the Razer Phone 2 appears to be much more well-rounded than its predecessor, making the decision all the more difficult when shopping for a premium, high-end smartphone. AnandTech reports: This display is rated at 645 nits peak, up to 50% higher than the previous Razer Phone, and also supports HDR. Razer states that the display also has wide color gamut, which turns out to be 98.4% of DCI-P3. Also on the front, it has two front facing speakers in identical positions to the previous generation, and it has a front facing camera and sensor (albeit with swapped positions). That front camera is an 8MP f/2.0 unit, capable of recording at 1080p60, a user-requested feature for streaming and selfie recording. The front of the device is Corning Gorilla Glass 5, an upgrade from GG3 in the last generation. When we move to the rear, things change much more noticeably. Instead of the aluminum rear, Razer has a full Gorilla Glass 5 back, which helps enable Qi Wireless Charging, a much requested feature. This is alongside QuickCharge 4+ through a Type-C cable. On the rear we have the dual cameras, this time placed in the center just above the logo. This time around Razer has gone with a 20MP Sony IMX363 f/1.75 main camera with OIS, and an 8MP Sony IMX 351 f/2.6 telephoto camera to enable some extra zoom functionality. Below the cameras is the Razer logo, which has a full 16.8million color RGB LED underneath which users can adjust through the onboard Chroma software. The Razer Phone 2 is still very much power-focused, as it features Qualcomm's latest Snapdragon 845 CPU with a "vapor chamber cooling" which can allow the phone to draw 20-30% more power than other flagships. There's 8GB of LPDDR4X memory, 64GB of UFS storage with support for a microSD card, and a whopping 4,000mAh. Razer says their new smartphone will be priced at $799 and will start shipping in mid-November.

Read more of this story at Slashdot.

Google Restricts Android Apps From Accessing Your Personal Data

Beginning this week, Google has announced some striking decisions that takes a leap towards user privacy. In addition to the

Google Restricts Android Apps From Accessing Your Personal Data on Latest Hacking News.

Mac Virus: Android, iOS, and macOS issues

Pierluigi Paganani: Hackers can compromise your WhatsApp account by tricking you into answering a video call

The Register:  Rap for WhatsApp chat app chaps in phone-to-pwn security nap flap – “Memory corruption flaw present in Android, iOS builds. Aaand it’s been fixed”


Further to this story: Intel Management Mode – Apple didn’t lock

Thomas Claburn for The Register: Intel’s commitment to making its stuff secure is called into question – ‘In an email to The Register in response to our report about the problems posed by the Manufacturing Mode in Intel’s Management Engine (ME), which if left open leaves processors vulnerable to local attack, Kanthak called Intel’s statement “a blatant lie.”‘


MacRumors: Apple Releasing iOS 12.0.1 With Fixes for Wi-Fi 2.4GHz Bug, Lightning Charging Issue [Update: Now Available]


The Register: Pixel 3, 3XL, Slate tab launch: Google emits swanky iPad botherer while tarting up mobes – “The day after Google confessed to almost exposing the private data of hundreds of thousands of Google+ accounts to app developers, the ad giant unveiled perhaps the most-leaked phone in recent memory.”

David Harley

Advertisements




Mac Virus

Free Movie Download Apps For Android- Best of 2018

Searching for a legal free movie download app? In this article, we will help you to find out the 10 Best Free Movie Download Apps For Android using which you can stream or even download free movies.

Smartphones have completely revolutionised the way we watch movies and TV shows. Gone are the days when people relied on physical Compact disc for storing and sharing media files. Well, here’s a list of some exciting applications that will help you to stream and download movies.

ALSO READ: 10 Best Free Music Downloader Apps For Android

1. Modbro

Modbro is an excellent application for streaming and downloading movies. A majority of content on this application is available in high-definition quality. Moreover, the streaming and downloading speeds are also reliable.

Modbro offers an enormous collection of free movies and TV shows.

Content on Modbro is very well organised, and search filters like language and genre make it easier to find content. Lastly, the installation process of Modbro apk is similar to any other application. You can use Modbro for freely downloading a new movie.

DOWNLOAD Modbro

PROS

  • Clean UI
  • Language and genre filters
  • Content is organized in categories

CONS

  • Random playback issues

2. Popcornflix™- Movies.TV.Free

Popcornflix is the next perfect application for free movie download. Well, Popcornflix has an extensive collection of around 700 movies all available in high-definition. This catalogue is enough for a year if you watch two movies a day.

Moreover, Popcornflix regularly updates and add more new movies to the application.

Movies on Popcornflix are very well organised into different genres like Comedy, Romance, Family/Kids, Drama, Urban, Action/Thrillers, Horror, Espanol, Documentaries, Bollywood and much more.

Popcornflix is a legal application and can be easily downloaded from Playstore. Lastly, the app has no watching restrictions, so you can watch as much you want.

DOWNLOAD Popcornflix

PROS

  • Available on PlayStore
  • Exclusive and new content
  • Annoying advertisements

CONS

  • Slow streaming speeds
  • Small catalogue for TV shows

3. Crackle

Crackle is the next free movie downloading application on the list that is available both for Android and iOS users. Similar to other applications, Crackle has a decent collection of TV shows and exclusive movies.

Furthermore, Crackle offers the fastest streaming speeds, and the UI is clean and easy to navigate.

Crackle displays some random advertisements, but they are not a big issue. Crackle has impressive filter features like the genre, alphabetical order, full episodes, recently added, trailers, clips and much more.

Once you log-in, the application will start suggesting personalised content. Lastly, there is no watching limit on Crackle as well.

DOWNLOAD Crackle

PROS

  • Fast download and streaming speeds
  • Available for both iOS and Android

CONS

  • Limited UI customization features

ALSO READ: 5 Best Showbox Alternatives To Watch Free Movies

4. Megabox HD

Megabox HD is another useful application for free movie downloads. As the name of the app suggests a majority of content on Megabox is available in HD quality. You can either stream or download free movies for offline viewing.

Megabox HD is not available on playstore, so you have to download the application manually and then install it.

Surprisingly, Megabox HD is also available for Windows and MacOS. So you can enjoy your movies and TV shows on a bigger screen. Megabox HD has a decent collection of some latest and exclusive TV shows and movies.

Lastly, if you create a free account, you can add movies to your watchlist.

DOWNLOAD MegaBox HD

PROS

  • Available for PC
  • An enormous collection of exclusive movies

CONS

  • Outdated UI
  • Lacks personalized content

5. YouTube

The next application on the list possibly came pre-installed on your smartphone. Yes, YouTube has a massive collection of movies. Many old movies are uploaded by production companies on their Youtube channels.

Moreover, a majority of indie film-makers upload their content on YouTube.

It is worth noting that you can even buy the latest movies on Youtube. Moreover, YouTube offers unmatched streaming quality, speed, and reliability. There are also some users who upload the entire film on their channel. These movies are generally taken down, but you can still find some of them.

DOWNLOAD YouTube

PROS

  • Fast Streaming speeds
  • Available for every computing device

CONS

  • Fairly difficult to find full movies

6. Tubi

Tubi offers thousands of hit movies and TV series for free. Well, Tubi is a very-well developed application using which you can download free movies. Tubi allows users to personal queue to bookmark which videos they want to watch.

Moreover, new TV shows and movies are added to the collection on a weekly basis.

A majority of content on Tubi is available in HD quality. Tubi also has a dedicated “Not on Netflix” category. You can even stream your content on a more prominent display as Tubi supports Chromecast, Apple TV, Roku devices, Amazon Fire TV, and many other streaming devices. Lastly, Tubi is 100% legal and offers unlimited streaming.

DOWNLOAD TUBI

PROS

  • Available on Play Store
  • Supports Chromecast and Firestick TV
  • Suggest Personalized content
  • Dark theme

CONS

  • Limited UI customization features

ALSO READ: Watch TV Shows Online For Free | Sites For Streaming Full Episodes

7. Popcorn Time

Next popular application on the list is Popcorn Time. The major highlight of Popcorn Time is that all of its content is directly streamed from Torrent. Consequently, you can find almost every TV show or movie on Popcorn Time.

A majority of content on Popcorn Time is available in high-definition quality and the service also provides subtitles.

Next up, Popcorn Time is available on all major platforms like Windows, Android, iOS, MacOS, and Linux. Lastly, Popcorn Time also offers some impressive UI customization tools and you can even change the language of the app.

DOWNLOAD Popcorn Time

PROS

  • Seamless cross-platform integration
  • Content is available in HD and FHD quality

CONS

  • Sometimes it takes too long to stream from torrent links.

8. Viewster

Viewster offers a wide range of ad-supported free TV shows and movies. This on-demand service has a massive collection of old sci-fi movies and geek-documentaries. Viewster has a Newsfeed-style homepage, which displays recently added and featured content. You can easily watch popular movies online using Viewster.

Viewster is completely free and is most popular among anime watchers. That said, the random app crashes coupled with advertisements may annoy some users. Overall, its a great app for watching and downloading free movies.

Viewster also allows users to create a watchlist and suggests content on the homepage, based on users preference.

DOWNLOAD Viewster 

PROS

  • An impressive collection of anime
  • Newsfeed-style homepage

CONS

  • During playback audio or video freezes
  • Lack of movies and TV shows

9. Cinema Box

Cinema Box is also a popular application. Well, Cinema Box allows users to watch free HD movies and TV shows on your Android phone, tablet, and TV box. Moreover, similar to other apps on the list you can easily download both free movies and TV shows for offline viewing.

Cinema Box is available for both Android and iOS users.

Cinema Box supports Google Chromecast, using which you can easily cast your content on a bigger display. This streaming service has a massive collection of some exclusive titles. Infact, new content is added to the entire catalogue on weekly basis.

DOWNLOAD Cinema Box

PROS

  • An enormous collection of popular titles
  • Supports Chomecast

CONS

  • Outdated UI
  • Slow streaming speeds

ALSO READ: Demonoid Alternatives | 5 Best Torrent sites | Download free Movies- 2018 

10. Sky HD

The last application on the list can be used to stream HD movies and TV shows online for free. Sky HD has a clean and easy to use UI. Using Sky HD, you can easily segregate movies and TV Shows based on movie type or movie genre.

The installation process of Sky HD is fairly simple, though you have to regularly check the official website for application updates.

Similar to Cinema Box, Sky HD is also compatible with Chromecast and you can easily cast your content on a bigger display. Overall if you prefer a simple app for downloading and watching offline content than Sky HD will definitely impress you.

DOWNLOAD Sky HD

PROS

  • Clean UI
  • Supports Chromecast

CONS

  • Random app crashes
  • Issues while casting content

Do help the community by sharing any other application for free movie downloading in the comments section below.

The post Free Movie Download Apps For Android- Best of 2018 appeared first on TechWorm.

The end of Google+: Low usage and an API bug that exposed user data

Google has announced that it will be closing down the consumer version of Google+, its failed answer to Facebook, and is introducing more granular Google Account permissions, new limits for third-party apps that seek permission to access users’ Gmail data, and new limits for apps’ abilities on Android devices. The Google+ problem Ben Smith, Google Fellow and VP of Engineering, cited “significant challenges in creating and maintaining a successful Google+ that meets consumers’ expectations” and … More

The post The end of Google+: Low usage and an API bug that exposed user data appeared first on Help Net Security.

From Now On, Only Default Android Apps Can Access Call Log and SMS Data

A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident. Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app. The changes are part of

A week in security (October 1 – 7)

Last week, Malwarebytes welcomed National Cybersecurity Awareness Month by renewing our pledge to do what we do best: offer the best protection for our customers and promote security awareness for all.

On Labs, we raised the question of whether it is a good idea to bring your own security or not, talked a little bit more about fileless malware, homed in on a malware campaign targeting Fortnite gamers, and looked into LoJack, a bootkit malware that has been targeting government entities.

Other cybersecurity news:

Stay safe, everyone!

The post A week in security (October 1 – 7) appeared first on Malwarebytes Labs.

Jigsaw releases Intra, an Android app that encrypts DNS queries to thwart online censorship

Alphabet subsidiary and tech incubator Jigsaw, which concentrates on creating solutions for “the toughest geopolitical challenges,” has released Intra, an Android apps that encrypts DNS queries. About Intra Intra encrypts DNS queries so that they can’t be analyzed or manipulated by oppressive governments. Users can get to the wanted (blocked) website or use the wanted (blocked) app and can be sure that the site they were directed to is the site they wanted to visit, … More

The post Jigsaw releases Intra, an Android app that encrypts DNS queries to thwart online censorship appeared first on Help Net Security.

LG Announces V40 ThinQ With Five Cameras, 6.4-iInch OLED Screen

While LG technically announced the LG V40 ThinQ last week in Korea, it left many surprises for its October 3rd event in the U.S. We have now learned that the company's new flagship sports a total of five cameras, a 6.4-inch display, headphone jack with hi-fi Quad DAC, and Snapdragon 845 processor with 6GB of RAM. The Verge reports: [T]he V40 has a very premium price and will range between $900 and $980 from US carriers when it's released on October 18th in black or blue color options. The 6.4-inch, notched OLED panel doesn't have the same "super bright" mode you can find on the G7, with brightness topping out between 500 and 600 nits. But LG says the phone is noticeably lighter -- more than an ounce -- than both the Note and XS Max. The new three-camera setup on the back of the V40 offers a lot of versatility. It includes: - Standard f/1.5 12-megapixel camera with 1.4um pixels that are 40 percent larger than the G7. Remember that bigger pixels are a key reason for the improved camera performance in the iPhone XS, so hopefully LG fans will see a similar uptick in quality over the G7. - Super-wide-angle f/1.9 16MP camera with 107-degree field of view. Identical to G7. - 12MP f/2.4 telephoto/portrait camera, which basically amounts to a 2x optical zoom compared to the regular lens. LG has added new lighting effects such as "natural, studio, contour, stage, stage mono." With the move to three sensors, LG is also introducing two additional software features that take advantage of this system. A new "triple preview" feature will show you a live preview from all three cameras simultaneously, letting you quickly pick the right one for the shot you're trying to get without having to switch between them. And "triple shot" captures all three angles with a single press of the shutter button; it saves a GIF of the transition between them and also saves each individual shot. [...] If you're curious about battery life, the V40 has a 3,300mAh battery that LG says delivers longevity that's only around 10 percent less than the Note 9. Other specifications include an IP68 water and dust resistance, Qi wireless charging, and Android Oreo that's upgradeable to Android Pie, although there's no official timeline available yet.

Read more of this story at Slashdot.

Mac Virus: Resources update: 3rd October

Filip Truta for Bitdefender: Researchers use Android password managers to make phishing attacks more practical
“Simone Aonzo, Alessio Merlo, and Giulio Tavella from the University of Genoa and Yanick Fratantonio from EURECOM found that certain Android password managers can be tricked into entering valid login credentials into phishing apps. The trick even works with Google’s try-before-you-buy Instant Apps, which allows users to take apps for a spin without actually installing their contents on the device.”


Graham Cluley, also for Bitdefender: Even with the latest iOS 12 update, your iPhone’s lockscreen is unsafe
“Jose Rodriguez, who has uncovered vulnerabilities in iOS’s lock screen security on a number of occasionsin the past, has produced a video demonstrating an (admittedly convoluted) way of accessing information on locked iOS devices that really should be out of bounds.”


Lawrence Abrams for Bleeping Computer: Roaming Mantis Group Testing Coinhive Miner Redirects on iPhones
Kaspersky has discovered that [Roaming Mantis Group] is testing a new monetization scheme by redirecting iOS users to pages that contain the Coinhive in-browser mining script rather than the normal Apple phishing page.


Pierluigi Paganini: Expert demonstrated how to access contacts and photos from a locked iPhone XS
“…Jose Rodriguez has discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could be exploited …  (with physical access to the iPhone) to access photos, contacts on a locked iPhone XS and other devices.

The hack works on the latest iOS 12 beta and iOS 12 operating systems, as demonstrated by Rodriguez in a couple of videos he published on YouTube (Videosdebarraquito).”


Zeljka Zorz for HelpNet: How to minimize the negative effect of mobile device loss or theft

David Harley





Mac Virus

Microsoft Announces App Mirroring To Let You Use Any Android App On Windows 10

At its Surface launch event, Microsoft announced a new feature for Windows 10 that will let Android users use any app on their device on a Windows 10 desktop. Microsoft is referring to the feature as app mirroring, and it appears to only be available for Android users. "It looks to be a significant step in helping bridge Windows 10 and the mobile ecosystem after the demise of Windows Phone," reports The Verge. From the report: We didn't see an extensive demo onstage, but we did get a look at a user exchanging Snapchat messages with a friend on a Surface device using the app mirroring feature. Microsoft says the feature will be available in the new Windows 10 October update.

Read more of this story at Slashdot.

SuperSU, a Popular Root App For Android, Disappears From Google Play Store

Corbin Davenport, writing for AndroidPolice: For years, SuperSU was one of the most popular root applications for Android. Chainfire, the creator of SuperSU, handed over development to CCMT in 2015. He ended his involvement with the app last year, so CCMT has been in full control of it since then. For reasons currently unknown, SuperSU has now vanished from the Play Store. The app's Twitter and Google+ accounts for SuperSU haven't made a post since last year, the Facebook page has been inactive since March, and the official forum is currently offline. As such, it seems like the app was largely abandoned. The latest version available from APKMirror was published in January. Further reading: End of an era: Chainfire is halting development on all root-related apps.

Read more of this story at Slashdot.

Vulnerable Android password managers make phishing attacks easier

Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant Apps, a Google technology that allows users to “try” Android apps without the need to fully install them, can make phishing attacks more practical. Android password manager Dashlane suggesting Facebook credentials to a fake malicious app The research Simone Aonzo, Alessio Merlo, and Giulio Tavella from the University of … More

The post Vulnerable Android password managers make phishing attacks easier appeared first on Help Net Security.

MX Player, a Video App Used By More Than 175 Million Users, Debuts OTT Service. Android Enthusiasts Express Concern.

MX Player, a video app which has been downloaded more than 500 million times across the globe, kickstarted its OTT (online video streaming) service in India, one of its largest markets, this week. MX Player, which is popular worldwide, has earned a loyal user base over the years for being the app that can run any video file you throw at it, even if your smartphone, tablet, or Android TV box doesn't have high-end specs or updated software. It was acquired by Times Internet, an India-based conglomerate this June, and now the big giant is beginning to show what it intends to do with the app. From a report: [...] All of these titles, including those produced by Times Internet, are now available to MX Player users in India at no charge, Karan Bedi, CEO of MX Player, told VentureBeat in an interview. Like most of Times Internet's properties, which include several TV channels and newspapers, MX Player will count on ads to generate revenue. Betting on ad-driven business model, a popular path in developing markets, could help MX Player quickly convince its existing user base to give the streaming offerings a try as it begins to compete in the Indian market. Star India's ad-supported service Hotstar, which offers about 80 percent of its catalog to customers for free, currently leads the video streaming market in the country. Going forward, Bedi said, the company remains committed to making investments in what made MX Player so popular among customers: The ability to play a plethora of video files on low-end devices. The company won't be bringing its new streaming offerings to the paid version of the MX Player app, MX Pro, he said. Additionally, MX Player's streaming offerings are limited to India, one of its largest markets, for now, although Bedi said the company is working on the right content catalog for other regions. Over at Android sub-reddit, where this story has been discussed, dozens of users expressed their concerns on the direction MX Player appears to be headed.

Read more of this story at Slashdot.

New Malware-as-a-Service Threat Targets Android Phones

Security researchers discovered an emerging malware-as-a-service threat from Russia that would allow cybercriminals to infect Android phones with malicious software and block users from running security solutions on their devices.

The offering, called Black Rose Lucy, has a dashboard that shows simulated victims in France Israel and Turkey. This led researchers at Check Point Research to conclude that the Russian-speaking developers have likely run demos for prospective cybercrime groups that are interested in attacking targets in those countries. China is another likely target because it is the largest market for Android devices.

“Given time it could easily become a new cyber Swiss Army Knife that enables worldwide hacker groups to orchestrate a wide range of attacks,” the researchers warned in a threat report dated Sept. 13.

Malware-as-a-service is very much like any traditional cloud service, but instead of subscribing to a harmless application in the cloud, cyberthieves can subscribe to black-market malware services that provide them with all the tools they need to execute attacks.

How Black Rose Lucy Works

Black Rose Lucy has two main components:

  1. Lucy Loader, a dashboard that allows users to control an entire botnet of victim devices and deploy additional malware payloads.
  2. Black Rose Dropper, which targets Android phones, collects victim device data and can install extra malware from a remote command-and-control (C&C) server.

To infect phones, the dropper prompts victims to enable the Android accessibility service for an application called Security of the System, which is actually the dropper, according to Check Point Research. When enabled, Black Rose Lucy can grant itself device administrative privileges. When it receives Android Package Kit (APK) files from the C&C server, it installs the files by simulating user clicks.

Black Rose Lucy also has self-protection features. If popular security solutions or system cleaners are launched, it simulates a user click to the “back” or “home” button to exit the tools. The dropper also blocks users from performing a factory reset.

The researchers noted that Black Rose Lucy is likely designed to target China because its dropper pays attention to Chinese security and system tool applications.

How to Protect Your Network From Malware-as-a-Service Threats

The threat alert issued on the IBM X-Force Exchange advised IT organizations to update their antivirus software, apply the latest patches to all applications and operating systems, and monitor their environments for indicators of compromise (IoCs).

Security experts also recommend conducting hands-on security awareness training that includes immersive simulations and promotes organizationwide security buy-in from the top down.

The post New Malware-as-a-Service Threat Targets Android Phones appeared first on Security Intelligence.

10 Best Free Music Downloader Apps For Android

Searching For A Legal MP3 Or Song Download App? In this article, we will help you to find out the 10 Best Free Music Download Apps For Android where you can listen to music online and even download them on your device.

Smartphones have completely changed the way we listen and organize our music. People rely on subscription-based services like Spotify and Apple music for enjoying music. Well, if vital music streaming services are not available in your region or you don’t want to pay for your music, then these free music download apps might help you.

List of 10 Best Free Music Download Apps For Android

1. Soundcloud

Soundcloud is an impressive music streaming service that offers an extensive collection of more than 150 million songs. Well, Soundcloud is the only platform where you can listen to remixes, beats, remakes and EDM’s created by upcoming music artists. Furthermore, a majority of indie creators offer permissions to download their tracks.

Apart from music Soundcloud also has a decent collection of shows and finding your favorite podcast won’t be an issue. Moreover, the user interface of the application is very intuitive, and SoundCloud offers the best quality of music.

PROS

  • Massive Collection Of Songs
  • Podcasts And Different Shows
  • Good Streaming Speeds

CONS

  • Paid Subscription For Popular Titles
  • Lack Of Exploration Tools

DOWNLOAD Soundcloud

2. TubeMate

YouTube has a vast collection of songs and music videos uploaded by popular music services like VEVO, T-Series, Sony Music and much more. Well, using TubeMate you can easily convert and download these YouTube videos. Tubemate allows users to convert YouTube videos to MP3 format and save them either on internal or external storage.

Using TubeMate is self-explanatory, and the installation is similar to any other apk file. Tubemate allows users to download a maximum of up to 128kbps bit-rate music. This is decent for casual music listeners, but a majority of audio enthusiasts won’t prefer it.

PROS

  • Massive Collection Of Content
  • Fast Download Speeds
  • Ability to store music either on internal storage or SD card

CONS

  • Unresponsive and buggy UI
  • Maximum 128kbps of music

DOWNLOAD TubeMate 

Audiomack is another best music downloader for Android smartphone users. This app offers a vast collection in different genres like Hip-Hop, Rap, R&B, EDM, Reggae music, and mixtapes. Users can easily stream or download music as per their preference. Audiomack also acts as a platform to help upcoming music creators to share their content. Lastly, Audiomack has a clutter-free UI.

PROS

  • Find & stream music and mixtapes
  • Create unlimited playlists
  • Unlimited listening & streaming

CONS

  • Lack of popular and actual music tracks
  • Streaming music takes quite a bit of time

DOWNLOAD Audiomack

4. Simple MP3 Downloader

This application does exactly as the name suggests. Using the app is simple, and search filters like genres, artists or albums enhance the overall experience. Simple MP3 Downloader includes auto-completion features so that as you type, it suggests possible songs of interest. All of the songs downloaded can be located in the downloaded folder.

PROS

  • A vast amount of content
  • Simple To Use UI
  • Auto-completion features

CONS

  • Limited features on the default music player
  •  Few advanced features

DOWNLOAD Simple MP3 Downloader

5. Rock My Run

Rock My Run is an impressive music listening application for fitness freaks that also doubles up as a best free music download app. Using the application users can download songs from vast public domains. Well, this workout app offers some of the most advanced features like  Body Driven Music adjusts music tempo of mixes and playlists to match your steps or goal cadence.

Rock My Run has a clean UI and decent music organization tools. You can select music from genres like Pop, Rock, Hip-hop/Rap, House, Dubstep, Drum & Bass, 80’s, 90’s, Oldies, Christian, R&B, Latin, Reggae, Seasonal, Country, Bmore, Classical. Lastly, the application also has dedicated Marathon playlists.

PROS

  • Mixes build in BPM
  • Ads not too intrusive
  • Massive music collection

CONS

  • You can’t view the actual list of songs in the playlist
  • Doesn’t work on low-speed internet connection.

DOWNLOAD Rock My Run 

6. SONGily

Next android music downloader on the list is SONGily. Using SONGily, you can either stream or download music. SONGily offers accurate search results and has impressive background playback and file transfer features. Furthermore, SONGily has a capable inbuilt music player and inbuilt download manager. Lastly, you can even use SONGily to download Youtube, Facebook, Instagram videos.

PROS 

  • Download history
  • No ads
  • Many fan-made covers

CONS

  • Not ideal for downloading popular songs.
  • Random download issues

DOWNLOAD SONGily

7. Napster Music

Napster Music is one of the best free music download app for android users. This free music download app for android offers an extensive collection of 40 million songs from 35 countries. Apart from songs, Napster Music can also be used for listening to FM radio. Lastly, this song download app also offers capable playlist management tools.

Napster Music comes with a free one month trial, you can continue using it if you like the application by paying a small amount.

PROS

  • Napster is Ad free
  • Download unlimited songs and playlists
  • Available For Android, iOS, Windows and Mac

CONS

  • Playback is often interrupted
  • You can’t play music simultaneously on different devices

DOWNLOAD Napster Music

8. Ganna Music

Ganna Music is a perfect application for streaming and downloading Indian Music. Apart from 30 million Bollywood & English songs collection Ganna Music also doubles up as a full-fledged FM Radio. Furthermore, Ganna also offers lyrics for every song on the streaming service.

Upgrading to Ganna Music Plus, you can download unlimited songs for offline listening and sync downloads on five devices.

PROS

  • Black and white theme
  • Music updated daily
  • Music in high definition audio quality

CONS

  • Ads with the free version
  • Random issues with music queue

DOWNLOAD Ganna Music 

9. Wynk Music

Wynk Music is another capable music streaming and downloading service. This streaming service offers thousands of curated playlists, and you can even follow artists and playlists. One of the major highlights of the Wynk Music is that it supports chromecast.

Similar to Ganna Music you have to pay to download songs, but streaming songs is completely free of cost. Lastly, Wynk Music also has Internet-based Radio and capable exploration tools.

PROS

  • Personalized recommendations
  • High-quality music streaming
  • Free music streaming at low internet speeds

CONS

  • Too many ads in the free version
  • Low bit rate music with the free version

DOWNLOAD Wynk Music

10. Saavn Music And Radio

Last application to download and stream music online for free is Saavn. Well, Saavn has possibly the best UI among all of the applications as mentioned earlier. While searching music on Saavn, you can even type lyrics that you remember to play a song.

Similar to all applications you can create and save playlists of your favourite songs. Saavn has a decent organization for different moods or genre.

PROS

  • 320kbps high-quality audio downloads on Pro version
  • Saavn Radio – endless music for any mood, song, or artist
  • Saavn Pro has a low subscription charge

CONS

  • Screen covering Ads on Free version
  • Unusable at slow internet speeds

DOWNLOAD Saavn

CONCLUSION 

So these were some of the best music downloading and streaming apps for android users. Well, if you made it so far do let us know which music streaming or downloading app do you use. Lastly, do share any other personal recommendation in the comments section below.

The post 10 Best Free Music Downloader Apps For Android appeared first on TechWorm.

Banking trojan found in call recorder app on Play Store – stole over €10,000

By Waqas

Android is one of the most vulnerable mobile operating systems with hackers developing new Android malware and banking trojan every 17 seconds. Then, there is Google and questionable security measures to protect users from sophisticated and persistent malware attacks. Recently, Lukas Stefanko, an IT security researcher at ESET has discovered a nasty piece of banking trojan targeting […]

This is a post from HackRead.com Read the original post: Banking trojan found in call recorder app on Play Store – stole over €10,000

Mobile Menace Monday: SMS phishing attacks target the job market

Recently, a co-worker received an enticing SMS message from ASPXPPZUPS Human Resources. It read:

Tired of your old job? Join our team today, work from home and earn $6,200 per month: hire-me-zvcbrvpffy.<hidden>.com.  

Could it be that our dream job awaits via random text message? On the contrary, this SMS phishing attack could cause nightmares for unsuspecting job hunters.

Don’t quit your day job

In order to investigate this phish further, the first step is browsing to this so-called career-changing website mentioned in the message.

Click to view slideshow.

Amazon!? Awesome! Let’s review this exciting position of Prime Agent. Great base salary plus commission! Full healthcare and minimal working hours! Brand new car!? All for a couple of easy job responsibilities you can do from home—Apply now!

Okay, seriously though, if the brand-new car bit doesn’t tip people off this is a ruse, I don’t know what will.

Gathering information

Knowing this is a ruse, let’s proceed forward by clicking Apply now regardless.

Click to view slideshow.

This is where I’m a little disappointed in the scammers. This could be an opportunity to gather a person’s full resume, with history of work, education, where they live, and a plethora of other information. Instead, they only ask for name, email, and phone number. Lazy. Still, this is enough to send spam emails and even more SMS phishing attacks.

Adding fake information and turning on a network sniffer, I submitted the information.

As a result, the network capture shows the information going to a amz-jobs-careers.<hidden>/apply.php. After hitting Submit Details, it redirects to amazon.com to make things look legitimate.

Job hunters beware

Many studies have shown that in America, many people are unhappy with their current jobs. For example, the Conference Board conducted a 2018 study reporting that 51 percent of people are satisfied with their jobs, thus leaving 49 percent unhappy. In addition, it’s a job-rich economy right now, which means it’s a great time to be looking if you aren’t happy in your current situation. It’s no wonder scammers are targeting job hunters. For those in the 49 percent, best to stick with more trustworthy methods than through SMS phishing messages.

To aid in the battle against SMS phishing attacks, our premium version of Malwarebytes for Android alerts users of dangerous links in SMS messages. Furthermore, our it also scans phishing URLs when using the Chrome browser, once again alerting on detection.

In case anyone was wondering, I’m fortunate to be in the 51 percent of people happy with their jobs—mainly because I get to protect readers like you! Stay safe out there!

The post Mobile Menace Monday: SMS phishing attacks target the job market appeared first on Malwarebytes Labs.

A week in security (September 17 – 23)

Last week, we took a look at a low level spam campaign on Twitter, explored the signs of falling victim to phishing, and examined a massive WordPress compromise. We also explained some SASL vulnerabilities and covered a breaking Emotet spam campaign.

Other cybersecurity news:

Stay safe, everyone!

The post A week in security (September 17 – 23) appeared first on Malwarebytes Labs.

Bogus finance apps on Google Play target users worldwide

ESET researchers have discovered malicious apps impersonating various financial services and the Austrian cryptocurrency exchange Bitpanda on Google Play. The fake apps Uploaded to Google’s official app store in June 2018 and collectively downloaded and installed over a thousand times, upon launch the apps would immediately request the user to enter credit card details and/or login credentials to the targeted bank or service. The entered information would then be sent to the attacker’s server, and … More

The post Bogus finance apps on Google Play target users worldwide appeared first on Help Net Security.

Mac Virus: Android Issues

Lucian Constantin for Security Boulevard: New Android Botnet Pops Up on Malware-as-a-Service Market – “The toolkit, dubbed Black Rose Lucy by researchers from security firm Check Point Software Technologies, is made up of a back-end control panel dubbed the Lucy Loader and an Android implant called the Black Rose dropper. The malware was created by a team of Russian speaking developers that Check Point calls the Lucy Gang.”


Betanews: Unless you upgrade to Android Pie, a vulnerability leaves your phone trackable — and Google won’t fix it “The vulnerability (CVE-2018-9489) was revealed in a report from Nightwatch Cybersecurity which warns that it can be used to “uniquely identify and track any Android device” and also to “geolocate users”.”


Zeljka Zorz for Help Net: Scan reveals known open source vulnerabilities in popular Android apps – “Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center for Citizen Research (ACI)…. “Critical vulnerabilities were found in many common applications, including some of the most popular banking, event ticket purchasing and travel apps,” the researchers noted.”

David Harley





Mac Virus

A week in security (September 10 – 16)

Last week on Malwarebytes Labs, we assessed the security of a portable router, identified ways to waste a scammer’s time, named the many faces of omnichannel fraud, questioned the security of 2FAs, profiled a massive tech support scam operation, and exposed a new HMRC phishing campaign.

Other cybersecurity news:

Stay safe, everyone!

The post A week in security (September 10 – 16) appeared first on Malwarebytes Labs.

Two New Monero Malware Attacks Target Windows and Android Users

Researchers spotted two new Monero malware attacks targeting Windows and Android devices that hide in plain sight and masquerade as legitimate application updates.

Quick Heal Security Labs discovered the new “invisible” Monero mining infection trying to hide on Windows PCs. Once installed, this self-extracting executable unpacks a VBS script, extraction utility, password-protected archive and batch file in the C:/ProgramFiles/Windriverhost directory. It then launches ouyk.vbs to maintain persistence and xvvq.bat to keep the computer on by modifying the PowerCFG command.

Finally, it runs the driverhost.exe mining program, which mines for Monero, while xvvq.bat regularly checks for analysis and antivirus tools using the tasklist command. The infection vector is currently unknown, but Quick Heal speculated that spear phishing and malvertising are likely culprits.

Meanwhile, as noted by Fortinet, the Android/HiddenMiner.A!tr malware attempts to compromise Android devices by posing as an update to the Google Play Store. If installed on an emulator or virtual machine, it shuts down to avoid analysis. If installed on a mobile device, it activates and asks for administrative privileges. If not granted, the malware will continue asking for permission until users allow installation.

Monero Malware Hides in Plain Sight

Along with efforts to avoid analysis, Quick Heal noted that the Monero malware also limits central processing unit (CPU) usage to 35 percent for all mining activity. Given the persistence of the malware and the low CPU cap, users may not encounter the system performance issues and application lag commonly associated with mining attacks, improving the malware’s ability to go undetected for long periods of time.

On the other hand, the HiddenMiner malware is problematic for Android users because it appears in the Google Play Store as an update to the Store itself. As a result, users aren’t surprised by requests for admin rights since the “update” seemingly comes from Google.

How to Mitigate the Threat of Monero Malware

Shutting down these Monero malware tools requires keeping devices up to date and regularly checking desktops for indicators of compromise (IoCs). As noted by IBM X-Force Exchange, the HiddenMiner malware won’t work on Android 7.0 or later thanks to a change in Android PacKage (APK) format that introduced a new signing mechanism. Malware attempting to execute on devices running 7.0 or later will instead return an error message.

IBM security professionals also recommend targeting common IoCs to detect mining malware. As noted by Quick Heal, a flaw in the xvvq.bat file means it only kills driverhost.exe if taskmgr.exe is running — making it easier for security teams to track down the driverhost.exe IoC and take action to remove the malware.

Sources: Quick Heal Security Labs, Fortinet

The post Two New Monero Malware Attacks Target Windows and Android Users appeared first on Security Intelligence.