In association with heise online

19 November 2009, 09:41

lost+found: Android, botnets, Top 10, CryptoMan

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit
  • A commercial spyware product is now available for Android. While it can't record conversations, it does log the numbers of all incoming and outgoing calls and send them to a logging server. The malware also continuously registers GPS data and spies out the content of text messages.

  • To infiltrate and counteract modern botnets, it is necessary to understand the protocol between a bot and its C&C server. Researchers have now developedPDF a method that facilitates this task which has been used, for instance, for exposing the communication of the Mega-D botnet.

  • The Open Web Application Security Project (OWASP) has published its Top Ten vulnerabilities in web applications. Unsurprisingly, the top three positions are held by SQL injections, cross-site scripting and session management flaws. Directly accessing objects within the server structure without authentication, for example by manipulating a URL, comes in fourth place, followed by cross-site request forgeries in fifth place.

  • An action figure of crypto guru Bruce Schneier (CryptoMan) is now available to purchase online. The figure comes with a choice of outfits and other options.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit