Researcher Builds Mock Botnet Of 'Twilight'-Loving Android Users

Researcher Builds Mock Botnet Of 'Twilight'-Loving Android Users

Researcher Builds Mock Botnet Of 'Twilight'-Loving Android Users

Posted:

InfoSec News: Researcher Builds Mock Botnet Of 'Twilight'-Loving Android Users: http://blogs.forbes.com/firewall/2010/06/21/researcher-builds-mock-botnet-of-twilight-loving-android-users/
By Andy Greenberg The Firewall Forbes.com June 21, 2010
A word of caution to any Android users who downloaded an app over the past weekend promising pictures of the next Twilight film: Next time, your obsession with vampires might just turn your phone into a zombie.
In a talk at the hacker conference SummerCon last Friday, researcher Jon Oberheide gave a demonstration of just how easy it may be to infect large numbers of phones running Google's Android OS with hidden software that turns the devices into a zombie-like "botnet" under the control of a cybercriminal--particularly if that software associates itself with a phenomenon as popular and tween-entrancing as the upcoming Twilight Eclipse film.
Oberheide focused on what may be a serious security weakness in Android's App Market: that apps don't have to ask permission from a user to fetch new executable code. Even after an app has been approved for downloads in Google's market, Oberheide says, it can still metamorphose at will into a much less friendly program.
Oberheide, who works for security startup Scio Security, developed an application called "RootStrap" to demonstrate that trust problem for Android apps. After it's installed, Rootstrap periodically "phones home" to check for any new code that Oberheide wants to add to the program, including any hidden control program or "rootkit" that he wished to install--hence the program's name. "This is probably the most effective way to build a mobile botnet," Oberheide told SummerCon's audience of hackers and security researchers.
[...]

Government devotes more brainpower and money to cybersecurity

Posted:

InfoSec News: Government devotes more brainpower and money to cybersecurity: http://www.washingtonpost.com/wp-dyn/content/article/2010/06/21/AR2010062104680.html
By Walter Pincus The Washington Post June 22, 2010
Cybersecurity, fast becoming Washington's growth industry of choice, appears to be in line for a multibillion-dollar injection of federal [...]

Looking For Vulns In All The Right Places? Experts Say You Might Be Missing A Few

Posted:

InfoSec News: Looking For Vulns In All The Right Places? Experts Say You Might Be Missing A Few: http://www.darkreading.com/vulnerability_management/security/perimeter/showArticle.jhtml?articleID=225700674
By Keith Ferrell Contributing Writer DarkReading June 18, 2010
The biggest vulnerabilities in the enterprise might be items we see every day -- and just don't think about. [...]

Stock Manipulation Botnet Surfaces

Posted:

InfoSec News: Stock Manipulation Botnet Surfaces: http://www.informationweek.com/blog/main/archives/2010/06/stock_manipulat.html
By George Hulme InformationWeek June 21, 2010
A Belgian federal investigation into an electronic bank account heist reveals a sophisticated attack designed to manipulate stock prices, a [...]

[Dataloss Weekly Summary] Week of Sunday, June 13, 2010

Posted:

InfoSec News: [Dataloss Weekly Summary] Week of Sunday, June 13, 2010: ========================================================================
Open Security Foundation - DataLossDB Weekly Summary Week of Sunday, June 13, 2010
4 Incidents Added.
======================================================================== [...]

Darpa Taking Fire for Its Cyberwar Range

Posted:

InfoSec News: Darpa Taking Fire for Its Cyberwar Range: http://www.wired.com/dangerroom/2010/06/darpa-taking-fire-for-its-cyberwar-range/
By Noah Shachtman Danger Room Wired.com June 21, 2010
Two years ago, the White House and the Pentagon launched a massive, secretive $17 billion effort to shore up the nation's defenses, and [...]

Career Bobs

Posted by Rohan ingale at 6:23 AM

0 comments:

Post a Comment