iOS Developers Warned About Taking Shortcuts
Comments Off on iOS Developers Warned About Taking Shortcuts
Slapdash developers have been advised not to use the open source JSPatch method of updating their wares because it is as vulnerable as a soft boiled egg, for various reasons.
It’s FireEye that is giving JSPatch the stink eye and providing the warning that it has rendered over 1,000 applications open to copy and paste theft of photos and other information. And it doesn’t end there.
FireEye’s report said that Remote Hot Patching may sound like a good idea at the time, but it really isn’t. It is so widely used that is has opened up a 1,220-wide iOS application hole in Apple users’ security. A better option, according to the security firm, is to stick with the Apple method, which should provide adequate and timely protection.
“Within the realm of Apple-provided technologies, the way to remediate this situation is to rebuild the application with updated code to fix the bug and submit the newly built app to the App Store for approval,” said FireEye.
“While the review process for updated apps often takes less time than the initial submission review, the process can still be time-consuming and unpredictable, and can cause loss of business if app fixes are not delivered in a timely and controlled manner.
“However, if the original app is embedded with the JSPatch engine, its behaviour can be changed according to the JavaScript code loaded at runtime. This JavaScript file is remotely controlled by the app developer. It is delivered to the app through network communication.”
Let’s not all make this JSPatch’s problem, because presumably it’s developers who are lacking.
FireEye spoke up for the open source security gear while looking down its nose at hackers. “JSPatch is a boon to iOS developers. In the right hands, it can be used to quickly and effectively deploy patches and code updates. But in a non-utopian world like ours, we need to assume that bad actors will leverage this technology for unintended purposes,” the firm said.
“Specifically, if an attacker is able to tamper with the content of a JavaScript file that is eventually loaded by the app, a range of attacks can be successfully performed against an App Store application.
Courteys-TheInq
Kemoge Malware Menacing Android Phones
Comments Off on Kemoge Malware Menacing Android Phones
Smartphone owners running Google’s Android operating system in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.
Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores.
“This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat,” wrote Yulong Zhang, a staff research scientist with FireEye.
Whomever created Kemoge repackaged legitimate apps with the malware and then promoted them on websites and through in-app ads to persuade people to download them.
Zhang listed a dozed affected apps: Sex Cademy, Assistive Touch, Calculator, Kiss Browser, Smart Touch, Shareit, Privacy Lock, Easy Locker, 2048kg, Talking Tom 3, WiFi Enhancer and Light Browser.
Third-party apps stores are considered risky places to download Android apps, as hackers frequently upload malicious apps to them. Google performs a security check on apps in its Play store, although harmful ones occasionally sneak in.
Kemoge not only displays unwanted ads, but it’s also loaded with eight root exploits that target a wide range of Android devices, Zhang wrote. A successful attack using those exploits means an attacker would have complete control over the device.
Kemoge will collect a device’s IMEI (International Mobile Station Equipment Identity) and IMSI (International Mobile Subscriber Identity) numbers, information on storage and apps, and send the information to a remote server.
That command-and-control server was still running, Zhang wrote. An analysis of traffic exchanged between an infected device and the server showed Kemoge also tries to uninstall antivirus apps.
FireEye came across an app called Shareit in Google’s Play store that was signed by the same digital certificate as the malicious one found on the third-party source.
The Google Play version of ShareIt did not have the eight root exploits or contact the command-and-control server, but it did have some of the same Kemoge code libraries. It now appears to be gone from Google Play.
Source-http://www.thegurureview.net/mobile-category/kemoge-malware-menacing-android-phones.html
Can OSX Make Macs Vulnerable To Rootkits?
Comments Off on Can OSX Make Macs Vulnerable To Rootkits?
The software genii at Apple have redesigned their OSX software to allow malware makers to make designer micro-software that can infect Macs with rootkits.
Obviously the feature is one that Apple software experts designed specifically for malware writers, perhaps seeing them as an untapped market.
The bug in the latest version of Apple’s OS X allows attackers root user privileges with a micro code which could be packed into a message.
Security researcher Stefan Esser said that this was the security hole attackers regularly exploit to bypass security protections built into modern operating systems and applications.
The OS X privilege-escalation flaw stems from new error-logging features that Apple added to OS X 10.10. Plainly the software genii did not believe that standard safeguards involving additions to the OS X dynamic linker dyld applied to them because they were protected from harm by Steve Job’s ghost.
This means that attackers to open or create files with root privileges that can reside anywhere in the OS X file system.
“This is obviously a problem, because it allows the creation or opening (for writing) of any file in the filesystem. And because the log file is never closed by dyld and the file is not opened with the close on exec flag the opened file descriptor is inherited by child processes of SUID binaries. This can be easily exploited for privilege-escalation,” Esser said.
The vulnerability is present in both the current 10.10.4 (Yosemite) version of OS X and the current beta version of 10.10.5. Importantly, the current beta version of 10.11 is free of the flaw, an indication that Apple developers may already be aware of the vulnerability.
An Apple spokesman said that engineers are aware of Esser’s post of course they did not say they would do anything about it. They will have to go through the extensional crisis involved in realising that their product was not secure or perfect. Then the security team will have to issue orders, signed in triplicate, sent in, sent back, queried, lost, found, subjected to an internal inquiry, lost again, and finally bury it in soft peat for three months and recycled as firelighters.
New Malware Targeting Apple Devices
Comments Off on New Malware Targeting Apple Devices
Palo Alto Networks Inc has uncovered a new group of malware that can infect Apple Inc’s desktop and mobile operating systems, underscoring the increasing sophistication of attacks on iPhones and Mac computers.
The “WireLurker” malware can install third-party applications on regular, non-jailbroken iOS devices and hop from infected Macs onto iPhones through USB connector-cables, said Ryan Olson, intelligence director for the company’s Unit 42 division.
Palo Alto Networks said on Wednesday it had seen indications that the attackers were Chinese. The malware originated from a Chinese third-party apps store and appeared to have mostly affected users within the country.
The malware spread through infected apps uploaded to the apps store, that were in turn downloaded onto Mac computers. According to the company, more than 400 such infected apps had been downloaded over 350,000 times so far.
It’s unclear what the objective of the attacks was. There is no evidence that the attackers had made off with anything more sensitive than messaging IDs and contacts from users’ address books, Olson added.
But “they could just as easily take your Apple ID or do something else that’s bad news,” he said in an interview.
Apple, which Olson said was notified a couple weeks ago, did not respond to requests for comment.
Once WireLurker gets on an iPhone, it can go on to infect existing apps on the device, somewhat akin to how a traditional virus infects computer software programs. Olson said it was the first time he had seen it in action. “It’s the first time we’ve seen anyone doing it in the wild,” he added.
China Using Home Servers Admidst Cyber Concerns
Comments Off on China Using Home Servers Admidst Cyber Concerns
A Chinese firm has developed the country’s first homegrown servers, built entirely out of domestic technologies including a processor from local chip maker Loongson Technology.
China’s Dawning Information Industry, also known as Sugon, has developed a series of four servers using the Loongson 3B processor, the country’s state-run Xinhua News Agency reported Thursday.
“Servers are crucial applications in a country’s politics, economy, and information security. We must fully master all these technologies,” Dawning’s vice president Sha Chaoqun was quoted as saying.
The servers, including their operating systems, have all been developed from Chinese technology. The Loongson 3B processor inside them has eight cores made with a total of 1.1 billion transistors built using a 28-nanometer production process.
The Xinhua report quoted Li Guojie, a top computing researcher in the country, as saying the new servers would ensure that the security around China’s military, financial and energy sectors would no longer be in foreign control.
Dawning was contacted on Friday, but an employee declined to offer more specifics about the servers. “We don’t want to promote this product in the U.S. media,” she said. “It involves propriety intellectual property rights, and Chinese government organizations.”
News of the servers has just been among the ongoing developments in China for the country to build up its own homegrown technology. Work is being done on local mobile operating systems, supercomputing, and in chip making, with much of it government-backed. Earlier this year, China outlined a plan to make the country into a major player in the semiconductor space.
But it also comes at a time when cybersecurity has become a major concern for the Chinese government, following revelations about the U.S. government’s own secret surveillance programs. “Without cybersecurity there is no national security,” declared China’s Xi Jinping in March, as he announced plans to turn the country into an “Internet power.”
Two months later, China threatened to block companiesfrom selling IT products to the country if they failed to pass a new vetting system meant to comb out secret spying programs.
Dawning, which was founded using local government-supported research, is perhaps best known for developing some of China’s supercomputers. But it also sells server products built with Intel chips. In this year’s first quarter, it had an 8.7 percent share of China’s server market, putting it in 7th place, according to research firm IDC.
Lenovo Launches The IdeaPad
Although it was introduced six months ago at CES, Lenovo’s new IdeaTab has finally showed up at Lenovo’s site with a pretty decent price around $343.20. The IdeaPad comes with a 10.1-inch screen, Qualcomm’s dual-core Snapdragon S4 CPU, Android 4.0 ICS and optional keyboard dock, it certainly sounds like a good deal.
The specification list for the Ideatab S2110 kicks off with a 10.1-inch IPS 1280×800 display, Qualcomm’s 1.5GHz dual-core Snapdragon S4 CPU, 1GB of RAM and Android 4.0 ICS OS. The rest of the specs include back 5MP and front 1.3MP cameras, 802.11bgn WiFi, Bluetooth 4.0, and a battery capable of up to 9-10 hours of WiFi web browsing, according to Lenovo.
Same as the Asus Transformer line of tablets, Lenovo’s Ideatab S2110 also features an optional keyboard dock that gives you an extra ten hours of battery life and adds two USB ports and a card reader.
Motorola, Lenovo To Offer Intel-Smartphones
January 17, 2012 by admin
Filed under Smartphones
Comments Off on Motorola, Lenovo To Offer Intel-Smartphones
Intel announced multi-year deals with Motorola Mobility and Lenovo to create smartphones and tablets, and said the first Google Android phones using the top chipmaker’s processors would go on sale this year.
Speaking at the Consumer Electronics Show in Las Vegas on Tuesday, Intel Chief Executive Paul Otellini said Lenovo would launch a smartphone for the Chinese market using Intel’s newest chip in the second quarter of the year, while Motorola will release its phone in the second half.
The agreements with the U.S. and Chinese consumer electronics makers help shore up Intel’s boldest foray into the mobile arena. The company is hoping its new “Medfield” chip conserves enough power to compete with rival smartphones using ARM Holdings’ more energy-efficient architecture.
The world’s largest chip maker is also making a concerted push for the likes of Hewlett Packard to go big on super-slim, Apple Macbook Air-like laptops called Ultrabooks, which it hopes will preserve its dominance of the PC market as tablets like the iPad draw consumers away.
“It is a multi-year, multi-product strategy that will bring both phones and tablets to the (U.S.) marketplace starting with a phone in the second half of 2012,” Dave Whalen, a vice president in the Intel Architecture Group, said of the agreement with Motorola.
“You’re going to see us working very closely with them on technologies,” Whalen told Reuters in an interview.
China Denies Hack Attack
China has denied involvement in hacking US environment monitoring satellites.
Last week the US-China Economic and Security Review Commission released a draft report about several incidents where US satellites were interfered with in 2007 and 2008.
The Commission did not say that the attacks were traced back to China, but it did cite China’s military as a prime suspect, due to the similarity of the techniques used with “authoritative Chinese military writings” on disabling satellite control.
The hackers gained access to the satellites on at least four occasions through a ground station in Norway. The unauthorised access lasted for between two and 12 minutes. While the attacks did no real damage, they did demonstrate that it is possible to hijack satellites, which is a worrying realisation when military satellites are taken into consideration.
China has a bad reputation throughout the world for alleged cyber attacks, often being the first to blame when a major attack has been discovered. The US has not been the only target either, with alleged attacks against Canada and France having been reported earlier this year.
“[The US] has always been viewing China with colored lenses. This report is untrue and has ulterior motives. It’s not worth a comment,” said Hong Lei, a spokesperson for the Chinese Foreign Ministry, according to Reuters.