Android accessibility | Breaking Cybersecurity News | The Hacker News

Watch out! If you have any of the below-mentioned file managers and photography apps installed on your Android phone—even if downloaded from the official Google Store store⁠—you have been hacked and being tracked. These newly detected malicious Android apps are Camero , FileCrypt , and callCam that are believed to be linked to Sidewinder APT, a sophisticated hacking group specialized in cyber espionage attacks. According to cybersecurity researchers at Trend Micro, these apps were exploiting a critical use-after-free vulnerability in Android at least since March last year⁠—that's 7 months before the same flaw was first discovered as zero-day when Google researcher analysed a separate attack developed by Israeli surveillance vendor NSO Group. "We speculate that these apps have been active since March 2019 based on the certificate information on one of the apps," the researchers said . Tracked as CVE-2019-2215 , the vulnerability is a local privilege escalation

Due to rise in malware and adware abusing Android accessibility services, Google has finally decided to take strict steps against the apps on its app platform that misuse this feature. Google has emailed Android app developers informing them that within 30 days, they must show how accessibility code used in their apps is helping disabled users or their apps will be removed from its Play Store entirely. For those who are unaware, Android's accessibility services are meant to help disabled people interact with their smartphone devices ( such as automatically filling out forms, overlaying content or switching between apps ) by allowing app-makers to integrate verbal feedback, voice commands and more in their apps. Many popular Android apps use the accessibility API to legitimately provide users with benefits, but over the past few months, we have seen a series of malware, including DoubleLocker ransomware, Svpeng , and BankBot , misusing this feature to infect people. Re

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Researchers have discovered a new attack, dubbed 'Cloak and Dagger', that works against all versions of Android, up to version 7.1.2. Cloak and Dagger attack allows hackers to silently take full control of your device and steal private data, including keystrokes, chats, device PIN, online account passwords, OTP passcode, and contacts. What's interesting about Cloak and Dagger attack? The attack doesn't exploit any vulnerability in Android ecosystem; instead, it abuses a pair of legitimate app permissions that is being widely used in popular applications to access certain features on an Android device. Researchers at Georgia Institute of Technology have discovered this attack, who successfully performed it on 20 people and none of them were able to detect any malicious activity. Cloak and Dagger attacks utilise two basic Android permissions: SYSTEM_ALERT_WINDOW ("draw on top") BIND_ACCESSIBILITY_SERVICE ("a11y") The first permissi