Security | League Of Technical Voters

Over 500 Android apps with a combined 100 million downloads found to secretly contain spyware

Unbeknown to the app developers, an advertising software kit contained code for stealing data from their products’ users.

More than 500 Android apps, collectively downloaded over 100 million times from the Google Play store, could have been used to secretly distribute spyware to users, thanks to a malicious advertising SDK (software development kit).

Mobile apps — especially free ones — commonly use advertising SDKs to deliver ads to their customers through existing advertising networks, thereby generating revenue.

Continue reading “Over 500 Android apps with a combined 100 million downloads found to secretly contain spyware”

Intel Security is McAfee again

If you were on the internet in a certain era, you remember McAfee. It was the defensive line between you and the rest of the internet, reminding you with incessant popups that you were not hacked, not quite yet, but only if you renewed your subscription right away. Then Intel bought the firewall company in 2010 for an eye-popping $7.68 billion and billed it as Intel Security, and the name McAfee became more closely associated with the company’s founder, a man who retired to Belize only to be accused of his neighbor’s murder. (Johnny Depp will reportedly play John McAfee in an upcoming film.)

Continue reading “Intel Security is McAfee again”

Budget US Android smartphones found secretly sending personal data to China

Commercial firmware pre-installed on some Android smartphone models sold in the US has been found to be secretly sending highly sensitive data to a third party company based in China, according to analysis by security firm Kryptowire.

Personal data being transmitted without users’ knowledge or consent included text messages, call logs, contacts, app usage data and even a user’s location.

Continue reading “Budget US Android smartphones found secretly sending personal data to China”

The consequences of the Trump presidency on cybersecurity

A situation now revealed in all its hideousness, brought to us by a 400-lb hacker in bed.

Hacking and cybersecurity played a huge role in the presidential election. So much so that Donald Trump, America’s new president-elect, was helped greatly by the acts of criminal hackers in his journey to the White House, and is now an outspoken WikiLeaks fan.

Though, unless he appoints Julian Assange as his Cybersecurity Czar, I doubt we’ll be seeing WikiLeaks coming to Trump’s rescue when he needs help with cyber-policy in the near future. But you never know.

Continue reading “The consequences of the Trump presidency on cybersecurity”

Whatsapp starts rolling out two-factor authentication

Beta Android users should see it now.

Whatsapp is one of the biggest messaging services out there, so it’s a little surprising that it hasn’t supported two-factor authentication. That is, until now — as noted by Android Police, people using the beta version of Whatsapp are starting to see the option to turn on this extra security measure.

Continue reading “Whatsapp starts rolling out two-factor authentication”

Yahoo confirms state-sponsored attacker stole personal data of “at least” 500 million users

As indicated by an earlier report, Yahoo today confirmed it’s working with law enforcement to investigate a data breach which affected the account information of “at least” 500 million users. The company says that the user account information was stolen from its network in late 2014 by what it now believes to be a state-sponsored actor. The stolen information includes people’s names, email addresses, telephone numbers, birth dates, passwords (most hashed with bcrypt), and, in some cases, encrypted or unencrypted responses to security questions and answers.

Continue reading “Yahoo confirms state-sponsored attacker stole personal data of “at least” 500 million users”

FBI detects breaches in US state voting systems

US intelligence officials have become increasingly worried that hackers sponsored by Russia or other countries may attempt to disrupt the presidential election.

The FBI is urging US election officials to increase computer security after it uncovered evidence that hackers have targeted two state election databases in recent weeks, according to a confidential advisory.

Continue reading “FBI detects breaches in US state voting systems”

A New Wireless Hack Can Unlock 100 Million Volkswagens

JAPAN-GERMANY-AUTO-TOYOTA-VOLKSWAGEN

In 2013, when University of Birmingham computer scientist Flavio Garcia and a team of researchers were preparing to reveal a vulnerability that allowed them to start the ignition of millions of Volkswagen cars and drive them off without a key, they were hit with a lawsuit that delayed the publication of their research for two years. But that experience doesn’t seem to have deterred Garcia and his colleagues from probing more of VW’s flaws: Now, a year after that hack was finally publicized, Garcia and a new team of researchers are back with another paper that shows how Volkswagen left not only its ignition vulnerable but the keyless entry system that unlocks the vehicle’s doors, too. And this time, they say, the flaw applies to practically every car Volkswagen has sold since 1995.

Continue reading “A New Wireless Hack Can Unlock 100 Million Volkswagens”

Exploit broker steals Apple thunder, offers $500,000 for iOS zero days

Now $200,000 seems like small change.

It was only last week that Apple finally launched a bug bounty program, but it did not take long for exploit peddlers to outbid the tech giant.

Continue reading “Exploit broker steals Apple thunder, offers $500,000 for iOS zero days”

Romanian spies want to spot faces in a crowd – illegally, say human rights groups

Romania’s intelligence agency and local human-rights groups aren’t seeing eye to eye over a new facial recognition system that’s officially for fighting terrorism and tax evasion.

Continue reading “Romanian spies want to spot faces in a crowd – illegally, say human rights groups”