Lasers help generate a quantum state that changes when anyone eavesdrops on it

China has successfully sent "hack-proof" messages from a satellite to Earth for the first time.

Weak signals

Signals sent over fibre-optic cables have to be boosted to make it over very long distances

Over 800 different Android apps that have been downloaded millions of times from Google Play Store found to be infected with malicious ad library that silently collects sensitive user data and can perform dangerous operations.

Dubbed "Xavier," the malicious ad library, initially emerged in September 2016, is a member of AdDown malware family, potentially posing a severe threat to millions of Android users.
Since 90 percent of Android apps are free for anyone to download, advertising on them is a key revenue source for their developers. For this, they integrate Android SDK Ads Library in their apps, which usually doesn't affect an app's core functionality.

According to security researchers at Trend Micro, the malicious ad library comes pre-installed on a wide range of Android applications, including photo editors, wallpapers and ringtone changers, Phone tracking, Volume Booster, Ram Optimizer and music-video player.

Features of Xavier Info-Stealing Malware

The previous variant of Xavier Ad library was a simple adware with an ability to install other APKs silently on the targeted devices, but in the latest release, the malware author has replaced those features with more sophisticated ones, including:

• Evade Detection: Xavier is smart enough to escape from being analyzed, from both static and dynamic malware analysis, by checking if it is being running in a controlled environment (Emulator), and using data and communication encryptions.
• Remote Code Execution: The malware has been designed to download codes from a remote Command & Control (C&C) server, allowing hackers to remotely execute any malicious code on the targeted device.
• Info-Stealing Module: Xavier is configured to steal devices and user related information, which includes user’ email address, Device id, model, OS version, country, manufacturer, sim card operator, resolution, and Installed apps.

According to the researchers, the highest number of infected users are from Southeast countries in Asia such as Vietnam, Philippines, and Indonesia, with a fewer number of downloads are from the United States and Europe.
















Here is a list of 75 infected Android apps that Google has already removed from its Play Store, and if you have installed any of these apps on your device, you are advised to remove it immediately.

Android malware continues to evolve with more sophisticated and never-seen-before capabilities with every passing day. Just last week, we saw first Android malware with code injecting capabilities making rounds on Google Play Store.

How to Protect Yourself

The easiest way to prevent yourself from being targeted by a clever malware like Xavier, always beware of fishy applications, even when downloading them from official Play Store and try to stick to the trusted brands only.

Moreover, always look at the reviews below left by other users who have downloaded the app and verify app permissions before installing any app and grant those permissions that have are relevant for the app's purpose.

Last but not the least, you are strongly advised to always keep a good antivirus application on your device that can detect and block such malware before they can infect your device, and keep your device and apps up-to-date.

A new Android-rooting malware with an ability to disable device’ security settings in an effort to perform malicious tasks in the background has been detected on the official Play Store.

What's interesting? The app was smart enough to fool Google security mechanism by first pretending itself to be a clean app and then temporarily replacing it with a malicious version.

Security researchers at Kaspersky Lab discovered a new piece of Android rooting malware that was being distributed as gaming apps on the Google Play Store, hiding behind puzzle game "colourblock," which was being downloaded at least 50,000 times prior to its removal.

Dubbed Dvmap, the Android rooting malware disables device's security settings to install another malicious app from a third-party source and also injects malicious code into the device system runtime libraries to gain root access and stay persistent.

"To bypass Google Play Store security checks, the malware creators used a very interesting method: they uploaded a clean app to the store at the end of March, 2017, and would then update it with a malicious version for short period of time," the researchers said. 

"Usually they would upload a clean version back on Google Play the very same day. They did this at least 5 times between 18 April and 15 May."

Here's How Dvmap Malware Works

To make sure the malicious module gets executed with system rights, the malware overwrites system's runtime libraries depending on which Android version the device is running.
To complete the installation of the above-mentioned malicious app, the Trojan with system rights turns off "Verify Apps," feature and modify system setting to allow app installation from 3rd party app stores.

"Furthermore, it can grant the "com.qualcmm.timeservices" app Device Administrator rights without any interaction with the user, just by running commands. It is a very unusual way to get Device Administrator rights," the researchers said.

This malicious 3rd party app is responsible for connecting the infected device to the attacker's command-and-control server, giving out full control of the device into the hands of attackers.

However, the researchers said, they haven't noticed any commands received by the infected Android devices so far, so it's unclear "what kind of files will be executed, but they could be malicious or advertising files."

How to Protect Yourself Against Dvmap Malware

Researchers are still testing the Dvmap malware, but meanwhile, advise users who installed the puzzle game in question to back up their device's data and perform a full factory data reset in an effort to mitigate the malware.

To prevent yourself from being targeted by such apps, always beware of fishy apps, even when downloading from Google Play Store, and try to stick to the trusted brands only. Moreover, always look at the comments left by other users.

Always verify app permissions before installing any app and grant only those permissions which have relevant context for the app's purpose.

Last but not the least, always keep a good antivirus app on your device that can detect and block such malware before it can infect your device and keep it up-to-date.

(CREDIT: David Paul Morris/Bloomberg)

Look sharp, Mac users. There's another emerging threat headed your way, and it's capable of eavesdropping on all of your web browsing... Even if you browse sites using an HTTPS connection and the lock icon in your browser's address bar is green.

Researchers at Checkpoint have observed a new phishing campaign that's currently targeting Mac users across Europe. They say it's the first campaign of its kind and note that the Trojan is signed with a valid Apple developer certificate, just like a legitimate app would be. I've reached out to Apple for a comment on this and will update this post with their response. Update: an Apple spokesperson informed me that the developer certificate has been revoked and Xprotect updated to help combat this threat.

Like much of today's malware, social engineering is the key to this new Mac threat. OSX/Dok needs an admin password to successfully compromise a system. It phishes for credentials by displaying full-screen alerts that claim there's an urgent OS X update waiting to be installed.

A malicious OSX/Dok pop-up, courtesy Checkpoint

A team of researchers at Newcastle University in the U.K. has published a paper highlighting some troubling findings linking on-board sensors with privacy issues. Using data collected by mobile devices’ hardware tracking systems, the team was able to crack four digit-PINs with 70 percent accuracy on the first try, with 100 percent accuracy by try number five.

While some applications alert users to specific on-board monitoring, it’s certainly not universal — nor, for that matter, is any insight into how often that information is being accessed.

“Having access to these sensors, either via the native apps, which you can install on your phone or a web application — it’s not like they always ask permission,” the paper’s lead researcher Dr. Maryam Mehrnezhad told TechCrunch. “So, these sensors, which are related to your identity, like your microphone, camera or GPS, but for a lot of these new sensors, none of them ask for permission. And a lot of users don’t know that the web application has access to it.”

Hackers gaining access to that data can use it to determine a wide range of different activities, according to researchers, like whether the user is sitting, walking or traveling in a car or train. The issue, according to the paper, is particularly troublesome with regards to mobile browsers. A site accessed with malicious code can open the device to such sensor-based monitoring working in the background when browser tabs are left open.

Dr. Mehrnezhad tells TechCrunch that the University has contacted some of the biggest names in the mobile industry about the issue. And while major players are aware of the problem, actually addressing it could prove easier said than done.

“All mobile platforms[…] are aware of this problem,” she says. “We reported it to them, and ever since we’ve been in touch with them, we’ve been trying to fix this problem together. It’s still ongoing research on both sides. But we’re in contact with these communities to figure out the best solution.”


Mehrnezhad says the team has been in touch with the major players through the World Wide Web Consortium (W3C), and some, including Mozilla, have gone a ways toward addressing the issue. But there’s still work to be done — and a line to walk, between privacy and usability. Mobile companies will no doubt be hesitant to block access required for the functionality initially intended for the sensors.

The issue, Mehrnezhad adds, will only grow as connected devices become more prevalent through the growth of wearables and connected home products. Meantime, the team suggests a number of ways to help combat vulnerabilities, including regularly changing PINs and quitting out of any apps not currently in use.

We must fight against government over-reach in surveillance laws, including through the courts if necessary. We must push back against misinformation by encouraging gatekeepers such as Google and Facebook to continue their efforts to combat the problem, while avoiding the creation of any central bodies to decide what is 'true' or not. We need more algorithmic transparency to understand how important decisions that affect our lives are being made, and perhaps a set of common principles to be followed.

Simply slotting your card into an ATM machine is no-longer safe as ATM skimmers have gotten just a bit smarter. New devices called Shimmers can now read your card number and, in certain instances, access your card’s chip. While the technique isn’t new – Shimmers began appearing in 2015 – they are still a huge security hole and far more dangerous than standard skimmers.

Because Shimmers are so thin they can disappear inside of an ATM or card reader. The data read when the chip is activated cannot be used to create a chip-based card but because some of the magnetic data is passed during the read process you can use Shimmers to easily recreate dumb magnetic cards.

PIN and Chip cards use a system called dynamic CVV which makes them harder to crack than standard cards. However, some banks and vendors “have apparently not correctly implemented the chip card standard, known as EMV (short for Europay, Mastercard and Visa)” .

“The only way for this attack to be successful is if a [bank card] issuer neglects to check the CVV when authorizing a transaction,” wrote NCR Corp. wrote in a 2016. “All issuers MUST make these basic checks to prevent this category of fraud. Card Shimming is not a vulnerability with a chip card, nor with an ATM, and therefore it is not necessary to add protection mechanisms against this form of attack to the ATM.”
The bottom line? Always check the ATM and your surroundings for weird stuff. Sadly, simply pulling on the card reader might not work anymore because these thinner readers can slide right into the slot and hide there, waiting for your card.