Software

Google to Stop Bundling Apps on Android in EU

Google to Stop Bundling Apps on Android in EU

In response to the recent $5 billion antitrust fine handed to it by the EU’s competition authority, Google said that it will be changing the way it bundles apps on Android. The search giant will also allow phone makers to sell modified versions of its mobile OS. However, it will also start charging device manufacturers a license fee for pre-installing apps like YouTube, Docs, or Gmail. Google says that the fees are meant to offset revenue intended for Android development that will be lost due to compliance efforts. The licenses for Search and Chrome will not have a fee. Source: […]

Google Challenges EU Regulator Over $5 Billion Antitrust Penalty

Google Challenges EU Regulator Over $5 Billion Antitrust Penalty

Google said in an email last Tuesday that it has filed an appeal challenging the decision of European antitrust regulators to penalize the company $5 billion for unfairly using its Android operating system to thwart competitors. The Alphabet unit previously argued that the Android gave consumers more choices, not less. However, EU competition enforcers said that Google had abused its market dominance since 2011 and forced manufacturers to pre-install Chrome and Google play with the mobile OS. It is said that a final appeal is still possible at the Court of Justice of the European Union, but only on points […]

Hackers Likely to Use “Virtual Singapore” Project for Plotting Terror Attacks  

Hackers Likely to Use “Virtual Singapore” Project for Plotting Terror Attacks  

The director of programs at Singapore’s National Research Foundation said this week that the Virtual Singapore project will be a hot target for hackers as it could be used for effectively plotting terror attacks. George Loh, who led the development of the project for the Prime Minister’s Office of Singapore, says that while the project will be instrumental in improving the lives of Singaporeans, they need to think two or three steps ahead as it could also create big problems when used by malicious actors. The Virtual Singapore Project, a digital version of the city-state, is considered to be one […]

Zoho Taken Offline, Asks for Help Via Twitter

Zoho Taken Offline, Asks for Help Via Twitter

CRM software company Zoho was recently suspended by its domain registrar TierraNet for allegedly sending phishing emails. TierraNet said that it had taken down Zoho for not responding to the abuse notices that it had sent. However, Zoho CEO Sridhar Vembu said that they only got 3 complaints in 2 months, 2 of which are already being investigated, and it was TierraNet who did not respond to them so they had to tweet to get the its attention.  The domain registrar already put Zoho back online, but the incident had left Zoho customers angry and confused. It was also noted that […]

Trend Micro Apps Removed from Mac App Store for Leaking User Data

Trend Micro Apps Removed from Mac App Store for Leaking User Data

Apple had reportedly removed several apps under Trend Micro’s developer account, including Dr. Antivirus, Dr. Cleaner, and Dr. Unarchiver for silently collecting information from the user’s system. A number of researchers had found that the top-rated apps were hardcoded to exfiltrate user information such as browser history, serial number, and OS version. One of the researchers, Privacy_1, further revealed that apps from Chinese developers such as Adware Doctor, Komros Adware Cleaner, Open Any Files and Adblock Master exhibited the same behavior. TrendMicro, meanwhile, said that their apps merely collected browser snapshots for security purposes, but the behavior had been disclosed […]

EU Security Researchers Find Banking Trojans on Google Play

EU Security Researchers Find Banking Trojans on Google Play

Security researchers from EU-based companies tweeted this week that a number of banking trojans and shady apps can still be found on Google Play. Lukas Stefanko from ESET said that he found three astrology apps that had the functionality to steal and send SMS, steal callLogs and banking credentials, and download and install apps. Meanwhile, Nikolaos Chrysaidos of Avast discovered five malicious apps that claimed to improve the performance of the user’s device, but were part of a banking malware campaign that was identified in the first week of August. Source: Bleeping Computer

DeepFake Videos a Threat to 2018 US Midterm Elections

DeepFake Videos a Threat to 2018 US Midterm Elections

Siwei Lyu, director of the Computer Vision and Machine Learning Lab at the State University of New York in Albany, recently wrote that fake videos made with machine learning called “deepfakes” may pose a significant problem to the upcoming 2018 US midterms. However, the SUNY associate professor of computer science, along with colleague Ming-Ching Chang and Ph.D. student Yuezun Li said that they have found a reliable way to tell what is a fake video. The experts pointed out that the algorithm used for making the videos is still not perfect, which makes the simulated face unable to blink in […]

Microsoft Enables End-to-End Encryption for Skype

Microsoft Enables End-to-End Encryption for Skype

Microsoft has enabled end-to-end encryption this week for Private Conversations on the consumer version of Skype. The feature, which had been announced in January, is now available on Windows, MacOS, iOS, Android, and Linux. However, the encryption standard only works for a single conversation per device at a time for now. Users can enable the feature from a recipient’s profile or the compose menu to generate an invitation. Once selected, all calls, messages and image/audio/video transmissions will be encrypted until the session is ended. Skype had previously been using 256-bit AES encryption, which is weaker than end-to-end encryption as it […]

Security Expert Reveals MacOS Malware Capable of Synthetic Mouse Clicks

Security Expert Reveals MacOS Malware Capable of Synthetic Mouse Clicks

Patrick Wardle of Digita Security revealed at the recently-held DefCon in Las Vegas a malware that can perform synthetic clicks on MacOS, which can allow attackers to bypass permission prompts and compromise the user’s system. Wardle said that such a malware, which synthetically interacts with the user interface, can be used to bypass layers of security so the attacker can access the user’s location, steal their contacts or even take over the computer’s kernel core system to fully control the computer. Wardle added that he came across the “synthetic clicks“ bypass technique by incorrectly pasting code.   Source: Wired

All-in-one Printers, Fax Machines Can be Used to Hack Company Networks, Researchers Warn

All-in-one Printers, Fax Machines Can be Used to Hack Company Networks, Researchers Warn

Check Point Software researchers warned this week that hackers can now take over company networks by exploiting a bug in fax machines and all-in-one printers. The researchers said that it is possible to steal company secrets just by faxing over lines of malicious code disguised as an image file. The file is then decoded and stored in the fax’s memory which the attacker can use to take over the machine. While HP said that they had already addressed the vulnerability, the researchers added that the new attack vector can still be used on faxes from other brands. Source: CNBC