BlackBerry Android January Security Update Available NOW! 

BlackBerry is quick to roll out the first security update of the new year. Here we are three days into the new year, and BlackBerry is already rolling out the January security update for Android-powered BlackBerry devices. Owners of devices purchased through Shop BlackBerry should already have the update available. For the rest of us who purchased our devices through carriers, we will have to wait for our specific carriers to push the update to us.

In a note from BlackBerry, “If your BlackBerry powered by Android smartphone does not have an up-to-date software build available, please contact your retailer or carrier directly for security maintenance release availability information.” I’d suggest doing this soon and doing it often. Remind your carrier that the update is available and the only thing standing between that update and you is them.

Remember, the world of mobile security is constantly moving, and having timely updates is integral to our device security. The latest update is dated January 5, 2017. To verify your version, head to Settings > About Phone. For information about the security fixes included in this update, click here.

Source: BlackBerry Android January Security Update Rolling Out – UTB Blogs

While BlackBerry Offers A Complete Security Portfolio, Apple Offers Almost Nothing – UTB Blogs

December 19, 2016 Canuckvoip

On the eve of BlackBerry’s Q3 fiscal results I’m reading the usual bears posting thinly veiled or blatantly negative articles on the company. One can only surmise that these attack pieces are meant to either bolster their position in stocks like AAPL, or to attempt to force a dip in BBRY. We shall see what happens to those shorts tomorrow, Tuesday Dec 20th 2016.

What caught my eye was the amazing amount of people, mostly day traders and investors that are completely and utterly ignorant. Not only are they ignorant about what BlackBerry does, but they are ignorant about BlackBerry’s focus and direction. Statement after statement is about how Apple’s iOS is the most secure mobile OS available, which I find to be frustratingly hilarious. When it is pointed out that iOS gets jailbroken within days of a new version coming out, what you get back is “iOS gets hacked because it’s popular”. Or how about “Security through obscurity is not security”. Even though nobody has ever rooted a BlackBerry 10 or BlackBerry Android device somehow it magically doesn’t matter. Absolutely amazingly myopic logic (or lack thereof).

So I thought to myself “What is the difference between these two companies?” I mean, why do Apple boosters actually think that what Apple offers is better/more secure than what BlackBerry offers? I decided to write it down.

Source: While BlackBerry Offers A Complete Security Portfolio, Apple Offers Almost Nothing – UTB Blogs

Malware Is Still Spying On Android After Your Mobile Is Off

As posted on the AVG blog, a new piece of Android Malware has been found.

After pressing the power button, you will see the real shutdown animation, and the phone appears off. Although the screen is black, it is still on.

While the phone is in this state, the malware can make outgoing calls, take pictures and perform many other tasks without notifying the user.

How does this happen?

First, we have to analyze the shutdown process in detail.

On Android devices, when the power-off button is pressed it will invoke the interceptKeyBeforeQueueing function of the class interceptKeyBeforeQueueing. interceptKeyBeforeQueueing will check if the power-off button is pressed and go to a certain process.

Malware Is Still Spying On You After Your Mobile Is Off.

Investigating Malware Pawn Storm for iPhone

As posted on the Fortinet Blog!

What does the malware do?

To summarize the malware’s goals, it fetches commands via HTTP GET from a remote C&C, and uploads information via HTTP POST. The commands it recognizes are listed in the table below.

ID  Command
0   Get Info Device
1   Start Record
2   Get Audio File
3   Get Contact List
4   Current Location
5   Get Installed Apps
6   Wifi Status
7   Get all Pictures from Photo Library
8   List a given directory
9   Get a given file
10  Get process list
11  Get SMS

The code shows a few interesting things:

via Investigating on Pawn Storm for iPhone | Fortinet Blog.

Bank Hackers Steal Millions via Malware

PALO ALTO, Calif. — In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

But when a Russian cybersecurity firm, Kaspersky Lab, was called to Ukraine to investigate, it discovered that the errant machine was the least of the bank’s problems.

via Bank Hackers Steal Millions via Malware – NYTimes.com.

WhatsApp security still broken…

“WhatsSpy Public” a tool for spying on WhatsApp users bypassing security settings

Social media is growing at a fast pace nowadays, but as it grows, safety measures and privacy options should also be developed so that one’s information cannot be leaked at any endpoint. Social apps such as Facebook, WhatsApp, Hike, Instagram etc. are used by several people who do not know how safe they really are or whether their messages or personal information are being leaked.

The standalone smartphone instant messaging app WhatsApp is once again in the news due to a certain tool which can break its security features. The WhatsSpy Public tool, which was recently released, can give you status updates of any WhatsApp user, even if privacy options have been enabled.

WhatsSpy Public uses the web-based utility to trace the moments of a WhatsApp user and shows them in a dashboard with events being displayed in a timeline. The tool can be used to compare activities from one user to those of another for a more comfortable experience.

via WhatsSpy Public : WhatsApp status tool lets stalkers track you bypassing privacy settings.

Alcatel-Lucent report on malware in 2014 sees rise in device and network attacks that place personal and workplace privacy at risk | Alcatel-Lucent

The Motive Security Labs report – which looked at all popular mobile device platforms – found that such malware infections in mobile devices increased 25% in 2014, compared to a 20% increase in 2013. Android™ devices have now caught up with Windows™ laptops, which had been the primary workhorse of cybercrime, with infection rates between Android and Windows devices split 50/50 in 2014. While less than 1% of infections come from iPhone® and Blackberry® smartphones, new vulnerabilities emerged last year to show they are not immune to malware threats.

Malware growth continues to be aided by the fact that a vast majority of mobile device owners do not take proper device security precautions. A recent Motive Security Labs survey found that 65% of subscribers instead expect their service provider to protect both their mobile and home devices. Motive’s malware report concluded that infection rates in residential networks also rose significantly in 2014, with malware found in 13.6% of residences, an increase of 5% over the previous year.

“With malware attacks on devices steadily rising with consumer ultra-broadband usage, the impact on customer experience becomes a primary concern for service providers,” said Patrick Tan, General Manager of Network Intelligence at Alcatel-Lucent. “As a result, we’re seeing more operators take a proactive approach to this problem by providing services that alert subscribers to malware on their devices along with self-help instructions for removing it.”

Other Motive Security Lab report highlights include:

The mobile infection rate in 2014 is 0.68%. Based on this Alcatel-Lucent estimates that worldwide, about 16 million mobile devices are infected by malware.

Mobile malware is increasing in sophistication with more robust command and control protocols

Mobile spyware, used to spy on a phone’s owner, is also on the increase. It tracks the phone’s location, monitors ingoing and outgoing calls, text messages, e-mail and tracks web browsing.

The overall monthly infection rate in residential fixed broadband networks is just under 14%. This is up substantially from the 9% seen in 2013. This is mostly attributable to an increase in infections by moderate threat level adware.

High-level threats such as ‘bots’, ‘rootkits’, and ‘banking trojans’ remain steady at around 5%.

via Alcatel-Lucent report on malware in 2014 sees rise in device and network attacks that place personal and workplace privacy at risk | Alcatel-Lucent.

Remotely install and launch Android apps from the Play Store Vulnerability

Lucky for me… I am using a BlackBerry Passport!

Vulnerability Summary

Due to a lack of complete coverage for X-Frame-Options (XFO) support on Google’s Play Store web application domain, a malicious user can leverage either a Cross-Site Scripting (XSS) vulnerability in a particular area of the Google Play Store web application, or a Universal XSS (UXSS) targeting affected browsers, to remotely install and launch the main intent of an arbitrary Play Store provided Android package (APK).

Affected Platforms

Many versions of Android 4.3 (Jelly Bean) and earlier ship with browsers with UXSS exposures, as discussed in this Rapid7 blog post. Users of these platforms may also have installed vulnerable aftermarket browsers, as discussed in this TrendLabs blog post. Of the vulnerable population, it is expected that many users are habitually signed into Google services, such as Gmail or YouTube. These mobile platforms are the ones most at risk. Other browsers may also be affected.

Simplified Demonstration of the XFO Gap

The following Javascript is sufficient to elicit a response from the play.google.com domain without an appropriate XFO header:

via Metasploit: R7-2015-02: Google Play Store X-Fra… | SecurityStreet.
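
The XFO gap described above comes down to some responses on a domain being served without framing protection while others have it. As an added example (not code from the Rapid7 advisory or from this blog), the following Node.js script audits captured response headers path by path and reports the ones another origin could frame; the paths and header values are constructed samples.

```javascript
// Added example: audit captured responses for framing protection.
// Paths and headers below are constructed samples, not real Play Store data.
function framingProtection(headers) {
  // Header names are case-insensitive; normalise before lookup.
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v);

  // Where supported, CSP frame-ancestors takes precedence over X-Frame-Options.
  const csp = h['content-security-policy'] || '';
  const fa = csp.split(';').map(d => d.trim().split(/\s+/))
    .find(d => d[0].toLowerCase() === 'frame-ancestors');
  if (fa) {
    const sources = fa.slice(1);
    // A wildcard or bare scheme source lets any origin frame the page.
    const open = sources.some(s => s === '*' || /^https?:$/i.test(s));
    return open ? { ok: false, why: 'frame-ancestors allows any origin' }
                : { ok: true, why: 'CSP frame-ancestors ' + sources.join(' ') };
  }

  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();
  if (!xfo) return { ok: false, why: 'no X-Frame-Options or frame-ancestors' };
  if (xfo === 'DENY' || xfo === 'SAMEORIGIN') return { ok: true, why: 'XFO ' + xfo };
  // Anything else (e.g. ALLOW-FROM, which current browsers ignore) is a gap.
  return { ok: false, why: 'unsupported XFO value ' + xfo };
}

// Report every path whose response can be framed by another origin.
function findFramingGaps(responses) {
  return responses
    .map(r => ({ path: r.path, ...framingProtection(r.headers) }))
    .filter(r => !r.ok);
}

const sample = [ // constructed
  { path: '/store', headers: { 'X-Frame-Options': 'SAMEORIGIN' } },
  { path: '/error/404', headers: { 'Content-Type': 'text/html' } },
  { path: '/widget', headers: { 'x-frame-options': 'ALLOW-FROM https://example.com' } },
  { path: '/account', headers: { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" } },
];
console.log(findFramingGaps(sample));
```

Error pages and rarely visited paths are where coverage is most often missed, so the input should include responses for non-200 status codes as well.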