Monthly Archives: March 2019

Researchers Find Google Play Store Apps Were Actually Government Malware

Say what you may about Apple’s infamous app-approval process. But Google Play Store’s permissive approach is what allows such apps to exists.

Security researchers have found a new kind of government malware that was hiding in plain sight within apps on Android’s Play Store. And they appear to have uncovered a case of lawful intercept gone wrong.

Source: Researchers Find Google Play Store Apps Were Actually Government Malware

Find out more about spyware/malware and some techniques to prevent infection here.

Donated devices are doxing your data, says new research

This is a common and recurring problem due to lack of awareness and the difficulty of securing data. Think twice before you donate your old devices. At least make an attempt to erase or remove the storage device before doing so.

If you are concern with data compliance, you may refer to
NIST SP 800-88r1 – Guidelines for Media Sanitization. For the rest of us, try to adopt security best practices such as:

  • Full disk encryption
  • Use of dedicated software to wipe, especially those from the manufacturer
  • Physical destruction

In the space of six months, one security researcher found thousands of files from dozens of computers, phones and flash drives — most of which contained personal information. All the researcher did was scour the second-hand stores for donated and refurbished tech. New research published by security firm Rapid7 revealed how problematic discarded technology can […]

Source: Donated devices are doxing your data, says new research

Serious Chrome zero-day – Google says update “right this minute”

Writing secure software is impossibly hard. Even with all the resources that the Chrome team has and focus on security that they are famous for, vulnerabilities can still exists and may be exploited for nefarious purpose.

When a security expert on the Chrome team says, “update your Chrome installs… like right this minute” – well, here’s how to check!

Source: Serious Chrome zero-day – Google says update “right this minute”