#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

application development | Breaking Cybersecurity News | The Hacker News

Koler Android Ransomware Learns to Spread via SMS

Koler Android Ransomware Learns to Spread via SMS

Oct 25, 2014
Users of Android operating system are warned of a new variant of Android malware Koler that spreads itself via text message and holds the victim's infected mobile phone hostage until a ransom is paid. Researchers observed the Koler Android ransomware Trojan , at the very first time, in May when the Trojan was distributed through certain pornographic websites under the guise of legitimate apps. It locks the victim's mobile screen and then demands money from users with fake notifications from law enforcement agencies accusing users of viewing and storing child pornography. ANDROID SMS WORM Recently, researchers from mobile security firm AdaptiveMobile has discovered a new variant of the rare piece of mobile malware – named Worm.Koler – that allows the malware to spread via text message spam and attempts to trick users into opening a shortened bit.ly URL, turning Koler into an SMS worm. Once the device is infected by the Koler variant, it will first send an SMS mess
NSA-Proof "Blackphone" Gets Rooted Within 5 Minutes

NSA-Proof "Blackphone" Gets Rooted Within 5 Minutes

Aug 11, 2014
The ultra secure NSA-Proof Blackphone titled as, " world's first Smartphone which places privacy and control directly in the hands of its users, " has been rooted within 5 minutes at the BlackHat security conference in Las Vegas this weekend. Blackphone , a joint venture between encrypted communications firm Silent Circle and Spanish Smartphone maker Geeksphone , has a fully customized version of Android known as PrivatOS and pre-installed with lots of privacy-enabled applications, which claims to offer its users a high-end security at consumer level. A security researcher with twitter handle @TeamAndIRC took only 5 minutes to achieve root access on the Blackphone without having the need to unlock the device' bootloader. The hacker even mocked Blackphone's team by saying that "It is apparent no one ran CTS [ compatibility test suite ] on this device." The so-called " secure " Android phone that was promising security given the fact that its basically a suite of secure
New Android Malware 'HijackRAT' Attacks Mobile Banking Users

New Android Malware 'HijackRAT' Attacks Mobile Banking Users

Jul 03, 2014
Cybercriminals have rolled out a new malicious Android application that wraps different varieties of banking fraud trick into a single piece of advanced mobile malware . GOOGLE SERVICE FRAMEWORK - APPLICATION OR MALWARE? Security researchers at the security firm FireEye have came across a malicious Android application that binds together the latest and older hijacking techniques. The malicious Android app combines private data theft, banking credential theft and spoofing, and remote access into a single unit, where traditional malware has had only one such capability included in it. Researchers dubbed the malware as HijackRAT , a banking trojan that comes loaded with a malicious Android application which disguises itself as "Google Service Framework," first and the most advanced Android malware sample of its kind ever discovered, combining all the three malicious activities together. MALWARE FEATURES By giving the remote control of the infected device to hackers,
cyber security

Guide: Secure Your Privileged Access with Our Expert-Approved Template

websiteDelineaIT Security / Access Control Security
Transform your Privileged Access Management with our Policy Template—over 40 expertly crafted statements to elevate compliance and streamline your security.
A SaaS Security Challenge: Getting Permissions All in One Place

A SaaS Security Challenge: Getting Permissions All in One Place 

May 08, 2024Attack Surface / SaaS Security
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th
Expert Insights
Cybersecurity Resources