If a victim downloads and executes an Anubis app masquerading as a legitimate service, they are opening themselves up to the malware's wide variety of hijacking capabilities. Anubis is able to take screenshots, record audio, send, receive, and delete SMS messages, steal contact lists and account credentials, open URLs -- potentially to download additional payloads -- and is also able to disable Google Play Protect. … [Read more...] about Anubis Android banking malware returns with extensive financial app hit list
BENGALURU: A software engineer and a security firm have exposed what they say are vulnerabilities in Ola's mobile app, raising concerns about the robustness of technology at India's largest cab aggregator. The two bugs that have been unearthed allow unethical individuals with basic programming knowledge to enjoy unlimited free cab rides—one at the expense of Ola and another at the expense of genuine users whose wallets become compromised. Ola, which is based in Bengaluru and controls an overwhelming majority of India's cab aggregation market, acknowledged problems with software but said bugs have been fixed. One of the chinks in the app was detected serendipitously in January by a 22-year-old software engineer Shubham Paramhans who was looking to hire a cab in the middle of a weekend project. While doing so, he got access to Ola's software code that allowed him to take advantage of a promotional scheme for first-time users such that they could be used unlimited number of … [Read more...] about Ola Cabs app hit by bug that allows free rides
The vulnerability can also have dire consequences for people who have made their Macs accessible through remote management screen sharing provided through macOS or third-party services. Will Dormann, a vulerability analyst at CERT, said on Twitter that having remote options turned on will allow attackers to remotely access the machine with no password required. Results from a quick search that were posted on Twitter showed more than 105,000 Macs alone had the VNC remote desktop app installed. To check if remote management or screen sharing is on, users can check the Sharing menu in System Preferences. … [Read more...] about macOS bug lets you log in as admin with no password required
As Barlow's quote hints, the story this time centers on a young female hacker played by Jessica Nurse (Scandal). On Twitter, Barlow noted the concept started before 2017's North Korea-US nuclear drama (before the 2016 election even) but that the message will clearly resonate today. Despite the very real subject matter, Barlow said ensuring that the new #WarGames kept the fun ethos of the original became a top priority ("Broderick’s charisma and the optimism of him and Sheedy in the face of Professor Falken’s nihilism and the logic of the Cold War was the core of that movie for me," he tweeted). … [Read more...] about Shall we play a game?
Firefox to clear cookies for ad tech companies each dayMozilla says that going forward, it plans to clear first-party cookies every 24 hours for all known advertisers as a way to prevent redirect tracking. This way, even if advertisers employ redirect tracking, users will have a brand new identity each day, preventing companies from linking previous activity to a unique user profile. … [Read more...] about Firefox adds protections against redirect tracking