- January 5, 2021
Security researchers at Check Point have discovered possibly the largest malware campaign ever on the Google Play Store. The security provider claims that more than 36.5 million Android devices are infected by malicious ad-click software.
Most of the apps containing the adware were developed by the Korean company Kiniwini, which published the apps under the moniker ENISTUDIO Corp. The mobile adware, known as Judy, was created to stay dormant within legitimate game apps only to later be used to generate fake ad clicks.
The malware managed to bypass Google’s Bouncer by acting as an actual game. In the background, however, it connects to a remote command and control server and imitates user behavior by spoofing user agents. It then proceeds to start a browser and click on ad banners.
Google has since removed all the malicious apps from the Play Store.
A few days ago, Samba.org disclosed a critical vulnerability that has existed for 7 years. The remote code execution flaw puts Linux systems and many network appliances at high risk. Even though patches are available, the attack surface for this vulnerability remains huge.
The company distributes the open-source Samba software, which enables Windows file sharing access for non-Windows machines. Their open-source network application provides the same functionality as Microsoft Server Message Block (SMB). Note that SMBv1 flaws were among those WannaCry exploited.
Considering that the exploit code is openly available, it is likely that it will soon be integrated into all kinds of malicious toolkits.
According to Ernie Regalado, founder and editor-in-chief at Bizety Technologies, Google will start abandoning the Border Gateway Protocol sometime in 2018.
At the moment, Google has the largest private network and accounts for 20-25% of global Internet traffic. With unprecedented global exposure, Google data centers communicate via a routing protocol built in-house. Google has already shown its non-BGP intentions with Google Espresso. Regalado claims that the other four giants are ready to follow suit.
“That would be Apple, Facebook, Amazon and Microsoft, which we refer to as GAFAM (...) By the end of next year, more than 50% of all Internet traffic will be routed via non-BGP. Instead, it will be routed via private networks using home-grown routing protocols. This is going to pose a problem to (...) the competition, because routing over a highly optimized private network is leaps and bounds better than BGP”
Ernie Regalado, Founder at Bizety, in a recent blogpost
In that scenario, Google would have a huge competitive advantage, which makes it clear why it would push for a non-BGP shift. By providing the underlying cloud platform, Google is going for the entire global technology industry. The ultimate goal? It’s what Regalado calls “a global tax”: every storage, computing or delivery service gets charged pennies per transaction. A brave but not unrealistic forecast.
At its last annual event, Citrix unveiled a new cloud service built to let users access all of their Citrix services in a single place. The Citrix Workspace Station will be able to recognise the user’s context and deliver access to apps, data and files based on various contextual information.
Workspace Services will determine the location, type of network, device used and access levels, and then deliver an optimized version. In a safe environment, the user gets access to all the data and apps they are authorised to use. In suboptimal environments, such as on mobile or public Wi-Fi, they get restricted access but can still get the most out of it.
The context-based access management product has apparently spent three years in the R&D phase. Workspace Services is expected to be available by September.
Research by RedLock found that a stunning 82% of public cloud databases are openly exposed to data theft. The research discovered that somewhere near 4.8 million records holding sensitive data were publicly available for anyone to access.
The report found that unencrypted databases are becoming a serious security problem. Findings also suggest that other factors expose cloud databases to attack, mostly enterprises allowing employees access to sensitive applications, a lack of access controls and a lack of security expertise in the developer team.
The highly dynamic public cloud environment makes it tough for traditional security solutions and especially users to keep pace. It all shows the need for solutions that are able to manage security and compliance risks in a fast and effective way.