Archive

Archive for April, 2020

Hackers have breached 60 ad servers to load their own malicious ads | ZDNet

April 22, 2020 Leave a comment

Imagine running your web server for little or money and putting up with some ads (don’t look down, DON’T LOOK DOWN 🤓) only to find that one of the visitors to your site gets pwned because of an ad like one of these?

Sample ads that contained malware

https://www.zdnet.com/article/hackers-have-breached-60-ad-servers-to-load-their-own-malicious-ads/

Categories: General

Developers Network Behind Android Apps With 69M+ Installs Unveiled

April 20, 2020 Leave a comment

Ever wonder why someone would spend time creating software for your cellphone…for FREE? I mean most of us would install an app with ads enabled rather than pay for the software but these guys may have actually created software to steal your data. This post lists the group by name and you are advised to remove apps that have been created by any of this group.

https://latesthackingnews.com/2020/04/20/secret-network-of-27-app-developers-boasting-android-apps-with-over-69m-installs-unveiled/

Categories: General

Want to learn how to counter Mobile App Risks?

April 18, 2020 Leave a comment

In what seems like a comprehensive list of the OWASP Mobile top 10, this blog entry from AppSealing brings you a great article about what developers need to worry about to protect your mobile apps.

AppSealing is an app-wrapping approach to protecting your mobile application and is a great approach to solve many issues after you have developed your app. You can look at it as an emergency curbside tire inflation kit. Nice to have and not need than need and not have.

It might be better to find a cure instead of just treating the symptom. If you can, make use the risks identified in this blog to effect design changes to your app to avoid many of these vulnerabilities from occuring.

Review this post to become aware of the many issues that plague mobile developers.

https://www.appsealing.com/owasp-mobile-top-10-a-comprehensive-guide-for-mobile-developers-to-counter-risks/

Categories: General

Great news for all you iOS hackers!

April 12, 2020 Leave a comment

You can now sideload unverified apps on iOS without Jailbreak or revokes. Anyone who thought that iOS was more secure than Android is going to learn the hard way. MDM rules are going to need to really clamp down on malicious apps.

https://www.notebookcheck.net/You-can-now-sideload-unverified-apps-on-iOS-without-Jailbreak-or-revokes.461039.0.html

Categories: General

What is Windows Virtual Desktop? – The Redmond Cloud

April 6, 2020 Leave a comment

Can it be that MS has learned from all of that RDP vulnerability and come up with a novel way to enable VDI for us all?

https://www.theredmondcloud.com/windows-virtual-desktop/

Categories: General

OWASP Mobile Top 10: Comprehensive Guide To Counter Mobile App Risks

April 4, 2020 Leave a comment

Here is a great article about the specific risks that mobile apps face. Learning about the attack surface of your mobile applications can help your organization plan how to avoid breach – https://www.appsealing.com/owasp-mobile-top-10-a-comprehensive-guide-for-mobile-developers-to-counter-risks/

Categories: General

U.S. Government: Update Chrome 80 Now, Multiple Security Concerns Confirmed

April 2, 2020 Leave a comment

If you use webaudio in a browser like Chrome, you should be interested to learn that three severe vulnerabilities are being fixed and all you have to do is upgrade your Chrome!

Whether you use WebAudio or not, if someone sends you a link to a site that has one of these vulnerabilities, you are probably already pwned.

The details are being held back but you can read more in the announcement here…

https://www.forbes.com/sites/daveywinder/2020/04/02/us-government-says-update-google-chrome-80-now-multiple-security-concerns-confirmed/

Categories: General