Android Vulnerabilities and Exploits in the Wild!

Android garden

Time to Do what?

When I was researching this on the web I didn’t expect to find so much stuff, but I do think IOS has more vulnerabilities then Android but it isn’t as bad as Apple IOS problems!

I am not going to talk about all of them but just a few that have peaked my interest!

The ‘Master Key’ Exploit

A simple but yet easy way to fool your Operating System and gain more access than it should.  The name doesn’t mean they actually have the master key to your device.   It is using what all Android devices use in the APK.  The MANIFEST.MF, which if done right, will have two more copies in the APK (Zip file).   When the Android OS installs this APK it will use the the last MANIFEST.MF and thus it can gain more access than you once thought.   Be able to communicate with a server  or copy your contacts.   I’ve pretty much come to the conclusion that 3rd party apps are dangerous now and I will not use anything but Google or Maybe even Amazon US app store!  

The ‘Webview’ JAVA Exploit

If you don’t use JAVA you will need to consider disabling it in Android.  While this one is a little more trickier and harder to avoid if you use Java, you best bet is to install Dolphine Browser, FireFox, and/or Chrome.   Then install a java an Addon or and Extension that does not allow Java to be used unless you specify.   This exploit can send SMS, or send out emails from you to spam your friends and family.   So this is one that you must start worrying about to a point.

The ‘Scarevertising’ Exploit

This last one I have seen become very prevalent and thus you should be on the lookout for this!   They claim in either a push notification or in some kind of inside application banner that basically tries to scare you into thinking you have a virus.   I’m not sure which advertising networks are being used but you can bet this will be a constant problem.   Some rules of thumb are install only from the Google App Store and never install any third party apps, which some call side along install.  

If your worried and you want to protect your Android Device, here are a few free applications that will help and hopefully keep you safe:

The last thing I can say is there are more than 100 different anti virus apps out there but it all depends on the end user (you) to know and trust vendors who are reputable and you can trust.   If you don’t know the Anti virus Company than maybe they shouldn’t be used.   I do hope I have helped you find what your looking for and we will discuss more in the future on Android Exploits!

 

The NSA and You, what they probably know about you!

A Spy's Spy

NSA has Secrets!

VPN4ALL TurbostreamIn a recent report by USA Today, we see just how much the NSA is keeping behind closed doors! I have been seeing this come over the years and quite frankly have expected this to happen.   Nothing has changed in my mind, but I am sure everyone is either quite uncomfortable or in denial of the whole thing.  They have everything they need including your identity, although they already had that if your a US citizen.

Cell Phone Data!

With Prism program being exposed you can bet they are wire taping all the data from Cell Phones, your IMEI, GPS location, and even who you sent or received text messages from.  That is however where you should worry.   

Most phones are using data to place phone calls now a days.   We have went from analog to digital on over the air televisions and they did the same thing to digitial voice calls.   So when you dial your cell phone and talk to your friend or family member.   You can bet the NSA is listening in.   

Emails and You!

Just like Google will look for keywords in your emails to serve up relevant ads in your Gmail account. That was to unexpected they have to make money somewhere.   It can be very dangerous though to email someone with really bad words and I mean those words you don’t want to flag you as a potential terrorist.  Emails are being sent to other servers without encryption and this is a good example on how the NSA is also getting your private emails to friends and family.

All Data is be collected!

I am almost certain that all data you have is being collected at some form or another.   You can really expect it to change over night but you can at least keep what privacy you have safe and secure.   You need something like VPN4ALL Enhanced VPN Security Military Grade Encryption Hide your Identity from Hackers and Government ALIKE.   I won’t say this is the only thing you need but it will help you protect your privacy online.   I like them because they have mobile VPN that you can use with your mobile phones and tablets and keep your safe and secure.

 

trojan.zlob removal tricks!!

[ad#ad2-right]

Aliases:
Trojan-Downloader.Win32.Zlob.qyl (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzs (Kaspersky)
Trojan-Downloader.Win32.Zlob.qzn (Kaspersky)
Trojan.Zlob.CPP (BitDefender)
Puper (McAfee)
SystemDefender (Symantec)

Trojan:Win32/Zlob.G is a component of Win32/Zlob that downloads rogue security programs, adware, and additional Win32/Zlob components.

[Via Windows Live OneCare]

[ad#ad2-left]This one just popped up today on my radar it seems to be a very low threat on everyone’s radar according to my sources say “Trojan.Zlob.G is a Trojan horse that may download and execute remote files and redirect the Internet Explorer home page and search page.”  So to remove this little Trojan you would want to download one an Anti-virus and firewall.   Once you install the software the program should fix the problem for you.   This one seems to be really easy to fix.   So Please read my post on how to better protect your self if you want to prevent this in the future.