Newly Discovered Android Malware Was Downloaded Millions Of Times

April 20, 2013 – 9:08 PM

Security firm Lookout has detailed a clever new bit of Android Malware lurking in the Google Play store. The good news: unless you’re downloading questionable Russian clone apps, you’re probably not affected. The bad news: that hasn’t kept it from being downloaded a few million times.

The new malware, fittingly dubbed “BadNews”, has been spotted tucked into 32 different apps from 4 separate developer accounts. Since Google Play only gives download numbers as huge ranges, no one can say exactly how many devices this has affected. With the lowball estimates, it’s around two million. On the high end, it’s as many as nine million. In reality, it’s somewhere in between the two.

As the BadNews bug appears to have been distributed as an ad framework for developers to use, it’s unclear how many of the infected apps were built primarily for malicious reasons. It’s quite possible that some of the apps were built by well-meaning developers who just made a bad decision on an ad provider.

Source:
http://techcrunch.com/2013/04/20/newly-discovered-android-malware-was-downloaded-millions-of-times/

Amazon S3 Users Exposing Sensitive Data

March 27, 2013 – 5:28 PM

A review of publicly visible content on Amazon’s S3 storage service found that some sensitive data may be publicly accessible and could contain data used in a future network attack, according to Rapid7, which conducted the study. Misconfiguration issues are common when users set up the S3 service, exposing data that would otherwise likely be deemed private, the firm said. Boston-based vulnerability management vendor Rapid7 conducted an analysis of nearly 13,000 Amazon S3 buckets and found 2,000 were publicly available. The researchers gathered a list of more than 126 billion files, and a random sampling found 40,000 publicly visible files, many of which contained sensitive data, the firm said. “This is ultimately a misconfiguration issue,” said Tod Beardsley, engineering manager for Metasploit, the penetration tool maintained by Rapid7. “The surprise here was that it wasn’t just regular people doing this; it was enterprise-level IT pros and third-party contractors who manage your S3 presence for you.”

Source:
http://www.crn.com/news/security/240151857/amazon-s3-users-exposing-sensitive-data-study-finds.htm

Send Encrypted Emails Through Gmail Using a Chrome Extension

January 9, 2013 – 5:16 PM

Need to send sensitive information through email? Normal email messages can be intercepted or hacked before reaching the recipient. However, you can use a free extension for Google Chrome, called SafeGmail, that allows you to send encrypted emails to anyone.

Messages are encrypted and decrypted within the browser, so your message is only seen by you and the person to whom it is sent, and the messages remain encrypted in both the sender’s and receiver’s email inboxes  The messages also automatically expire after a random amount of time.

SafeGmail works with any recipient email provider.

To install the extension, visit the SafeGmail extension page using the link at the end of this article. Click the Add to Chrome button.

Source:
http://www.howtogeek.com/133361/send-encrypted-emails-through-gmail-using-a-chrome-extension/

New Instagram Terms of Use: Can now sell your photos

December 18, 2012 – 5:24 AM

“Some or all of the Service may be supported by advertising revenue. To help us deliver interesting paid or sponsored content or promotions, you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you. If you are under the age of eighteen (18), or under any other applicable age of majority, you represent that at least one of your parents or legal guardians has also agreed to this provision (and the use of your name, likeness, username, and/or photos (along with any associated metadata)) on your behalf.”

Source:
http://instagram.com/about/legal/terms/updated/

 

Windows passwords easily guessed by 25-GPU server

December 9, 2012 – 8:50 PM

Ever wondered how secure the password to your Windows workstation is? Well, as it turns out, it’s pretty insecure when put up against a 25-GPU server cluster running a combination of Linux and freely available password-cracking software suites. Said server, powered by 25 AMD Radeon graphics cards, manages to brute force Windows passwords at a rate of 350 billion guesses-per-second, making short work of eight-character passwords.

In around 5.5 hours the server cluster can try 6.6 quadrillion password combinations, enough to check every possible eight-character password including upper/lower-case letters, digits and symbols. Microsoft’s NTLM cryptographic algorithm, which has been in use since Windows Server 2003, now seems remarkably weak and particularly insecure in some enterprise settings. With access to a hash of a workstation password, this machine will most likely be able to crack it in under a day.

Of course, this machine can only really guess passwords up to eight characters in a reasonable time, as adding just one extra character (to nine characters total) would require 500 hours to crack; 10 characters and you’re looking at 5.4 years of cracking time. However, as many businesses stipulate eight characters as a minimum, there’s a possibility that this machine will make (relatively-speaking) short work of it.

This 25-GPU machine is not limited to just cracking Windows passwords – it also has the power to guess at 44 other algorithms at a blistering pace. It attacks SHA1 at 63 billion guesses per second and MD5 at 180 billion guesses per second, although struggles against some super-tough encryption such as SHA512crypt (just 364,000 guesses per second).

Source:
http://www.neowin.net/news/windows-passwords-easily-guessed-by-25-gpu-server