Security News

Google has removed an Android VPN program from the Google Play store after researchers notified it of a critical vulnerability. VPNpro, a company that reviews and advises on VPN products, warned in February of a vulnerability in the product that could cause a man in the middle attack, enabling an intruder to insert themselves between the user and the VPN service.

Five related APT groups operating in the interest of the Chinese government have systematically targeted Linux servers, Windows systems and mobile devices running Android while remaining undetected for nearly a decade, according to BlackBerry. Linux runs nearly all of the top 1 million websites online, 75% of all web servers, 98% of the world's supercomputers and 75% of major cloud service providers.

We'll refer to this one a Fourthytuesday instead, now that Firefox has reduced its update wavelength to four weeks to get important-but-not-zero-day-critical fixes out just that bit more frequently. If your automatic update hasn't happened yet, a manual check will let you "Jump the queue" and get the update a bit sooner.

Avast has released an Android version of Avast Secure Browser to extend its platform support beyond Windows and Mac on desktop to mobile. Avast Secure Browser for Android was developed following Avast's 2019 acquisition of Tenta, a private browser backed by Blockchain pioneers ConsenSys, and has been built from the ground up by privacy and cybersecurity engineers focused on total encryption.

An Android malware package likened to a Russian matryoshka nesting doll has security researchers raising the alarm, since it appears it's almost impossible to get rid of. Known as xHelper, the malware has been spreading mainly in Russia, Europe, and Southwest Asia on Android 6 and 7 devices for the past year from unofficial app stores.

Rubean and CCV, in partnership with Intertrust and Riscure, announced the launch of a jointly developed contactless payment application that transforms Android handsets running 8.0 Oreo or later into contactless payment terminals, supporting PIN entry with no additional hardware. "Combining whiteCryption, our world-class application shielding for zero-trust environments, with Riscure's penetration testing and certification, has brought down barriers for Rubean and CCV to deliver streamlined payment capabilities to the market."

The "Undeletable" xHelper malware - which ultimately results in the installation of the Triada trojan - has become a virulent scourge for Android devices this year, according to researcher analysis - bringing with it a hallmark of being virtually indestructible for the common user. According to analysis by Kaspersky, the latest sample of xHelper uses a Russian nesting-doll type architecture to worm its way into the heart of Android devices.

Google this week released the April 2020 set of security patches for the Android operating system to address over 50 vulnerabilities, including four critical issues in the System component. "The most severe of these issues is a critical security vulnerability in the System component that could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of a privileged process," Google notes in an advisory.

In March researchers reported that some apps pay a lot of attention to other apps installed on a device, which in theory could be used to gather data on a user's behaviour and inclinations. The study examined two issues - what proportion of apps exhibited secret behaviours and how these might be used or abused.

A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices-making it nearly impossible to remove. xHelper reportedly infected over 45,000 devices last year, and since then, cybersecurity researchers have been trying to unfold how the malware survives factory reset and how it infected so many devices in the first place.