Tags » David Harley

Android: fake WhatsApp app

Pierluigi Paganini: Fake WhatsApp app in official Google Play Store downloaded by over a million Android users.

“The Reddit user DexterGenius has decompiled the fake WhatsApp version and discovered it is an ad-loaded wrapper which included the code to download a second apk.”

David Harley

David Harley

Apple Updates

Zeljka Zorz for Help Net Security summarizes: Apple protects its Wi-Fi enabled devices from KRACK attack.

Also, updates addressing vulnerabilities in Webkit, Safari, iOS, 3rd party packages in macOS, APFS… 6 more words

David Harley

The (Testing) World Turned Upside Down

Sadly, this is probably the last paper I’ll write for a Virus Bulletin conference. 16 VB papers is probably enough for one career, and at my age travel is more difficult than it was in the 1990s. 72 more words

David Harley

Insecure macOS API. Still.

Michael Mimoso for Kaspersky ThreatPost: DEPRECATED, INSECURE APPLE AUTHORIZATION API CAN BE ABUSED TO RUN CODE AT ROOT.  Quote from the blog:

A deprecated Apple authorization API, invoked by third-party installers, is still developers’ preferred choice for updating apps and services on macOS … The situation is known and was  21 more words

David Harley

SE Labs on Effective AV

In my previous (very brief) post I was mildly critical of AV-Test for publishing a comparative review of OS X Sierra products without much in the way of information about methodology. 127 more words

David Harley