close

Internet Security

Internet Security

Combination of Features Produces New Android Vulnerability

Combination of Features Produces New Android Vulnerability

Cloak and Dagger: Current Android Vulnerability in Mobile Phones

Security researchers has found a serious android vulnerability that can steal any password with Android features. The real bad thing: banking trojan use the method long ago.

Two app rights of the Android operating system can be misused to build a universal keylogger, which reads everything the user of the device taps into the keyboard. In addition, an attacker can use it to give a malicious app unlimited rights. This android vulnerability attacks have revealed several security researchers at universities in UC Santa Barbara and Georgia Tech in the US. They gave android vulnerability the name Cloak & Dagger. The gaps are still open, but Google now prevents apps that they use to be loaded into the Play Store. In addition, Android O (the next version of the operating system) will close the gaps.

Researchers at the Georgia Institute of Technology have discovered how good Android features can be used for malicious android vulnerability on smartphone users. Both SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE are the security gaps. The former allows you to display important messages about the current app’s current output, which is used to help visually impaired users, Criminal attackers can, however, as the security researchers show, abuse both functions in harmless apps: In several videos, they perform as they lurk in the background with their android vulnerability “Cloak and Dagger” method (night-and-fog-action) Track passwords, and secretly install applications with malicious code and full access rights.

The Android Vulnerability Problem:

Each app can use both functions without having to request special privileges. Attackers can now set harmless apps – such as “sweet cat videos” – in the playstore, which displays invisible buttons via a banking app, with which password entries are recorded or when playing a video loads malicious programs from the Internet and secretly with full rights equip. Worse: This behavior is part of Android’s user guide, so there is no security hole that could be easily closed by a patch. Google’s automated testing of new apps lets many such wolves in the sheep fur. In fact, the security portal The Hacker News has already reported on several banking trojans in the Playstore, which also work with this android vulnerability “Cloak and Dagger” methods.

How Can You Protect Yourself From Android Vulnerability?

Currently, there is no complete protection against this android vulnerability! You should pay particular attention to installing apps only from trusted manufacturers, and you should also set up a protection program on your smartphone. In addition, at least Android 6 can minimize the risk of android vulnerability by allowing you to turn off notifications or allow apps to be used: Go to Settings, then Apps, Gear icon, Show other Apps, now Apps With permission and there for all apps except the absolutely necessary (such as trustworthy calendar, alarm clock). The rest will be done by Google: First, the Android vendor has to check the apps in the Playstore more intensively, secondly, to prevent the abuse of SYSTEM_ALERT_WINDOW and BIND_ACCESSIBILITY_SERVICE. The latter is still working for the upcoming Android 8, which is to put now common android vulnerability the craft by new security functions. Whether this current android vulnerability Cloak and Dagger on the current Android versions ever completely stopped.

read more
Internet Security

How should I Protect My Windows PC From Malware and Viruses?

How should I Protect My Windows PC From Malware and Viruses?

Anti-virus programs have been around for 20 years and are an essential part of any Windows setup. However, Windows changed and so did its threats. A third-party AV program is no longer crucial and few of them may be harmful.  Needs do vary as some people are more prone to accidents and some are not so sensitive to malware and threats. Some surf parts of the internet that is quire risky and some have the need to protect and secure their valuable information. All of these factors need to be taken into account. A Windows user who is aware of the risks can maybe survive without any anti-virus software altogether. However, users who are less knowledgeable can get their PCs infected by malware even if they have given their system ample protection.

Threats from Malware

Many of the major AV products came into the picture because of many viruses that were developed by amateurs. This is no longer the case as today’s malware is developed by professionals to make some money out of it. Their deliver viruses through emails and websites and want their malware to be hidden and undetectable. Their interest lies in collecting financial details and passwords etc. and this is where ransomware steps in. They hold important and valuable information of users such as personal files and photos, financial data, etc., as hostage and demand for a ransom against it, recently in the form of Bitcoin which has become a secure way to collect cash. The best way of defence against this is to create a backup of all the important data offline.

Coding and screening

When most of the major AV products started out, Windows and its key browsers were not that secure. However, this is no longer the current scenario. In 2002, Trustworthy Computing Initiative or TCi was launched by Microsoft co-founder Bill Gates as an initiative in making security the company’s top priority. Therefore, there was a significant drop in Windows PC infection rates due to modified designs and development of software Microsoft used as a result of TCI training and methodologies. Windows 10 now has a vast arrangement of security and technologies that help mitigate threat to such an extent that the main threats come from Oracle Java and some Adobe software which are all third-party programs.

A huge improvement has been made in the security of web browsers, Google’s Chrome and Microsoft’s Edge in particular. Chrome is secured and has security systems that protect the background operating system from attacks that are web-based. Security improvements have come from systems that allow safe browsing by blacklisting websites that contain malware. Google Safe Browsing is now present n Firefox, Chrome, Apple’s Safari and Vivaldi while there is a built-in SafeScreen filter in Windows 10. If you are apprehensive about a certain website, it can be checked manually at Google’s website. Windows 10 users are well protected as long as their softwares are updated. Updating browsers and other third-party softwares also contribute towards securing a system and this can be done by using Patch My PC, Kaspersky Software Updater or Flexera’s Personal Software Inspector (PSI).

Problem of Anti-Virus Softwares

Anti-virus companies initially started out as protection for susceptible operating systems and browser codes but they have reached a point where weak anti-virus softwares are more harmful than helpful. Usually, programmers won’t acknowledge these problems because they require the AV supplier’s assistance when AV disrupts or crashes their software. At the same time, they cannot tell users to disable their AV as they will be held responsible if something negative happens. This leaves just one solution which includes Microsoft Defender since there is ample data showing that it’s the only suitable AV and browser makers don’t have any reservations about it. Windows Defender may not be the best in protecting systems from malware but at the same time is the least damage.

Strategy for Security against malware

It is a misconception that running an anti-virus program will provide protection against malware.  To secure your system against malware certain steps need to be taken.

First, Windows 10 needs to be run with Windows Defender and cloud-based heuristics, the SmartScreen filter and basic telemetry, which is extensively security related, all need to be turned on. Setting up PCs this way will prevent probably malware problems for months.

Second, Windows should be run as a standard user instead of an administrator which most people do. Linux and MacOs users have already started this practice. 99% of threats and attacks are eliminated by running as a standard user.

Third, Windows and all of the PC’s software should be kept up to date. Mostly a malware takes advantage of security loop holes that have been previously patched, sometimes a long time ago. For higher levels of security, it is advisable to run Google Chrome or a Chromium-based browser such as Vivaldi for instance.

Fourth, always make sure that all your personal and important data has been backed up at a reliable place. FreeFileSync can be used to copy data folders to n external hard drive on a daily basis which in turn can be backed up to a second external hard disk. Another reliable option are Blu-rays as they are immune to ransomware and malware.

Fifth, periodic scans should be made to check if the anti-virus on your system has skipped something. Microsoft has MSRT or Malicious Software Removal Tool which is to be used before installing any significant updates. Many AV firms including Trend Micro, ESET, Bitdefender and F-Secure provide free online scanners too.

Sixth, note that Windows 10 allows refresh, reset and recovery facilities. If this option is not used, one must be prepared to wipe the hard drive clean and reinstall Windows 10 from the basics. Instructions are provided from Microsoft and all the preferences and authentication are stored in your Microsoft account online. Any apps that were downloaded will be reinstalled by the Windows Store. It is extensively easy to get back to where you left off.

Choosing an Anti-Virus

Users are more prone to attack if they are not on Windows 10. However, there are many free anti-virus programs available that are highly recommended such as Avira or Bitdefender. The best paid anti-virus option would be Kaspersky but Trend Micro is also worth considering. While selecting an AV program, factors need to be taken into consideration such as special features, the user interface, impact on the system’s performance, if it hampers any other software’s performance, the speed with which it scans, etc. There are a minimum of a dozen suitable options, so that one can made an informed choice.

read more