Lost+Found: Malware steals images, Hack.LU and a script kiddie
Too short for news, too good to lose; Lost+Found is a roundup of useful and interesting security news. In this edition: a look at hacking an Android banking app, new malware that steals your photos, talks from the Hack.LU security conference, a rather young script kiddie and finding bugs in the iOS kernel.
- On the IOActive Labs Research blog, security researcher Juliano Rizzo has shown how easy it can be for anyone with sufficient knowledge to analyse and bypass common security features with an example Android banking application.
- Trend Micro has discovered a new trojan called TSPY_PIXSTEAL.A that steals up to 20,000 image files from all directories of a victim's system and uploads them to a remote FTP server. Depending on what the malware finds and uploads, these could be used to blackmail users.
- For those who missed this year's Hack.LU conference on computer security, privacy and information technology, the organisers of the event have now made slides and presentation notes from the talks available online for anyone to download.
- Hacking a web site can be a breeze provided that you have access to the right tools: blogger Troy Hunt has a young "script kiddie" looking over his shoulder.
- Nothing to do this weekend? Why not try finding a kernel bug in Apple's iOS mobile operating system?
- And finally, something to relax with: JAM with Chrome is an experiment for Google's Chrome browser that lets you play live music online with other users.