Security

Mon 25 Apr
John Lister's picture

Android Malware Hides Behind Black Screen

A new variant of Android malware quite literally hides its activities. 'Octo' darkens the screen so that users can't see it stealing data. Researchers at Threat Fabric say the malware takes advantage of a built-in Android feature called ... "STREAM_SCREEN". It's not quite a live feed, but remotely transmits around one screenshot a second. (Source: threatfabric.com) The scammers then misuse an accessibility feature in Android to remotely control the device. The stream screening lets them see what they are doing, despite not having physical access. Black Screen Disguise The sneakiest ...

Sat 23 Apr

Chrome Gets Urgent Patch for Zero-Day Exploit

Google has issued a third zero-day bug warning for Chrome this year. While the browser will auto-update, it's a reminder not to leave it open indefinitely. In short, a zero-day bug refers to the time developers discovered the problem and were able ... to roll out a fix. Ideally, they'll have a head start and can get the patch in place before would-be attackers even start working on exploiting it. In this case, however, attackers not only know about the bug but are already taking advantage before developers can roll out a fix. Memory Compromised This particular bug is described as a "type ...

Wed 13 Apr

Latest MS Security Tool Requires Windows Reinstall

Microsoft is releasing a major security update to Windows 11 that could theoretically block malicious applications completely. It's such a fundamental change in the operating system that it will require a reset and clean installation of Windows. At ... the moment, most of the built-in security on Windows uses two main approaches. One is to scan any files or links the user wants to open or download, then alert the user if they match any known threats. This is referred to as file and link scanning. The other is to scan files on the hard drive to look for anything suspicious. This is usually done in ...

Tue 29 Mar

Scammers Get Creative With Disguised Downloads

Scammers who don't want to write their own malware can now pay just $20 to start a campaign of attacks. They can then customize their "bait" with Windows installations and non-fungible tokens (NFTs) among the ways to target users. The malware is ... available on dark web sites. These are sites that are part of the world wide web, but set up in a way that means they aren't indexed by search engines. That makes them suitable for people who don't want their activities easily traced. A piece of malware called BitRAT costs just $20 for lifetime access. The name derives from "remote ...

Thu 24 Mar

Browser-In-Browser Could Steal Passwords

A security researcher has warned that a fake browser could be used to more effectively scam users into handing over login details. Password managers and similar tools may be one way to combat the tactic. The warning comes from a security researcher ... who chooses to use the pseudonym mrd0x. They dubbed the approach a "browser-in-the-browser" attack. (Source: mrd0x.com) The tactic would take advantage of websites that have registration and accounts but let users sign in with a third party account such as Google or Facebook. This works by displaying a pop-up window that's hosted by the ...

Fri 04 Mar

Windows Reset Warning: Personal Files May Remain

Microsoft has warned users that a "wipe clean" option in Windows won't remove all files thanks to an ongoing bug. It's mainly a practical problem for anyone planning to sell or give away a computer with hopes of removing all personal data prior. The ... problem is specifically with the reset option in Windows that lets users "reinstall" the system without needing to download files or create a USB or DVD boot disc. This option always removes all installed applications, but users have a choice whether or not to also remove files such as documents. When they choose "remove everything", ...

Wed 16 Feb

Report: Most Ransomware Money Tied to Russia

Nearly three in every four dollars paid to ransomware scammers goes to Russian-affiliated groups, according to new research. The authors also accuse Russia of turning a blind eye to large-scale money laundering. The figures come from Chainalysis, ... which tracks crime involving cryptocurrencies. These are "virtual" currencies such as Bitcoin where all transactions are tracked on a public "ledger". The way cryptocurrencies work means it's relatively straightforward to track the amount of money a particular user has spent or received. However, it's often difficult to prove who a particular user is. ...

Tue 15 Feb

Fake Microsoft Site Distributes Bogus Windows 11

Security experts have reminded users to take extra care when sourcing installation files for Windows 11. A look-alike "Microsoft" site was actually distributing some nasty malware. Normally such scams tend to mainly work on people who are either ... trying to get round paying for software or are trying to get early access without going through official test programs. That's not quite the case with Windows 11 where people running "incompatible" machines can still upgrade to the system by downloading official files and creating a USB installation. However, when some people came looking for Windows ...

Fri 11 Feb

Microsoft Tackles Macro Malware

Microsoft is making it harder for scammers to distribute ransomware and other malware through Office documents. However, the tighter block on Visual Basic macros running by default may frustrate some users. A macro is a way of reducing a series of ... instructions to a single instruction, while VBA (Visual Basic language) is a way of handling macros in Microsoft programs. It's often used for frequently performed tasks. To give a hypothetical example, a user could create a macro in a spreadsheet that means pressing a couple of keys together which tells the computer to check two columns for any ...

Wed 26 Jan

Darkweb Stolen Credit Card Site Operators 'Retire'

The people behind an online service for buying and selling stolen credit card details say they are retiring for health reasons. The unknown owners reportedly made $358 million from their "marketplace." The UniCC service operated on a so-called ... darknet, only accessible through special software designed to make it much harder to track who visited which online service. The BBC notes that the site had operated since 2013 and estimates users listed "tens of thousands" of stolen card details every day. It appears to have been particularly popular for criminals who had carried out major data ...
