
Latest news with #BleepingComputer

This Android malware poses as real apps to take you to dangerous sites and flood your phone with spam

Yahoo

4 days ago


A new version of the Konfety malware that attacks the best Android phones now uses distorted APK files as well as other methods in order to avoid being detected and analyzed.

As reported by Bleeping Computer, this latest Konfety malware strain, which is neither spyware nor a remote access trojan, can pretend to be a legitimate app by copying both the branding and names of real apps from the Google Play Store. Konfety mimics real products available on the Play Store, though it does not reproduce the functionality of those apps, and it is distributed and promoted through third-party stores.

This is a method that researchers have sometimes called a 'decoy twin' or 'evil twin' tactic, and it is exactly why it is recommended to only download software from trusted publishers and to avoid installing APK files from third-party app stores. Still, some users will resort to searching these marketplaces for supposedly free versions of popular apps, either because they don't have access to Google services as their Android device isn't supported or because they don't want to pay for legitimate software.

Here's everything you need to know about this new Android threat, including some tips and tricks to help keep your phone safe from hackers and malware-free.

Hiding in plain sight

Once Konfety has been installed on a victim's device, it uses a malformed ZIP structure to avoid analysis and detection and begins its malicious behavior. It can redirect users to dangerous websites, install unwanted apps and show fake browser notifications. Additionally, it can display ads using the CaramelAds SDK and exfiltrate device data such as installed apps, network configuration and system information.

Thanks to the capabilities of this latest version, it can also hide its app icon and name, and use geofencing to alter its behavior depending on the region the device is located in.

Its hidden functionality lives in an encrypted DEX file inside the APK, which is decrypted and loaded at runtime and contains hidden services declared in the AndroidManifest file, allowing for the delivery of more dangerous modules.

Konfety also manipulates the APK file to confuse and break static analysis and reverse engineering tools. First, it signals that the file is encrypted when it is not, which triggers a false password prompt when someone tries to inspect the file. This can block or delay access to the APK's contents. Next, critical files within the APK are declared as using BZIP compression, which is not supported by analysis tools, and this results in a parsing failure. Android ignores the declared method and falls back to its default processing, which allows Konfety to install and run on the device without issue.

How to stay safe from Android malware

First and foremost, to avoid falling victim to Konfety and other Android malware strains, it's essential that you don't sideload apps on your devices. While it may seem convenient, doing so puts you at serious risk from malware, adware, spyware and other threats. The reason is that sideloaded apps from third-party app stores, or those downloaded as APK files, don't go through the same rigorous security checks that they would on the Google Play Store or other first-party app stores like the Samsung Galaxy Store.

From there, you want to make sure that Google Play Protect is enabled on your Android phone. This pre-installed security app scans all of your existing apps and any new ones you download for malware. For extra protection, you may also want to install and run one of the best Android antivirus apps alongside it.

Malicious apps are one of the easiest ways for hackers and other cybercriminals to establish a foothold on your devices, so they likely won't be going anywhere anytime soon. Instead, it's up to you to carefully vet each and every app you download and install. You also want to keep in mind that if an app sounds too good to be true, it probably is.

By sticking to official, first-party app stores and by limiting the number of apps you have installed on your phone overall, you should be able to safely avoid this new version of Konfety and other Android malware strains entirely.
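The two header tricks described in the Konfety article above (an encryption flag on entries that are not encrypted, and a declared BZIP compression method) can be checked for by reading an APK's ZIP central directory directly instead of relying on a ZIP library to open the entries. The following is an added example, not code from the article or from the researchers it cites; it assumes the anomalies appear in the central directory, does not handle ZIP64 archives, and runs on a constructed sample archive with placeholder contents.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # end-of-central-directory record
CDFH_SIG = b"PK\x01\x02"  # central-directory file header
APK_METHODS = (0, 8)      # stored and deflate, the methods a normal APK uses


def iter_entries(data):
    """Yield (header offset, flags, method, name) per central-directory entry."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    count, _size, pos = struct.unpack_from("<HII", data, eocd + 10)
    for _ in range(count):
        if data[pos:pos + 4] != CDFH_SIG:
            raise ValueError(f"bad central-directory header at offset {pos}")
        flags, method = struct.unpack_from("<HH", data, pos + 8)
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        name = data[pos + 46:pos + 46 + name_len].decode("utf-8", "replace")
        yield pos, flags, method, name
        pos += 46 + name_len + extra_len + comment_len


def scan(data):
    """Return (entry name, finding) pairs for the two header anomalies."""
    findings = []
    for _pos, flags, method, name in iter_entries(data):
        if flags & 0x0001:  # general-purpose bit 0 marks an entry as encrypted
            findings.append((name, "encryption flag set"))
        if method not in APK_METHODS:  # e.g. 12 is BZIP2
            findings.append((name, f"unexpected compression method {method}"))
    return findings


def build_sample():
    """Constructed sample: a small stored ZIP with two header fields patched."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        for name in ("AndroidManifest.xml", "classes.dex", "res/icon.png"):
            zf.writestr(name, b"placeholder")
    data = bytearray(buf.getvalue())
    entries = list(iter_entries(bytes(data)))
    struct.pack_into("<H", data, entries[0][0] + 8, entries[0][1] | 0x0001)
    struct.pack_into("<H", data, entries[1][0] + 10, 12)
    return bytes(data)


if __name__ == "__main__":
    for name, finding in scan(build_sample()):
        print(f"{name}: {finding}")
```

A finding here is a triage signal that the archive was built to trip analysis tooling, not proof that the app is Konfety.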

Your Ring cameras weren't hacked over the weekend — here's what actually happened

Yahoo

4 days ago


If you noticed a flurry of unauthorized devices logged into your Ring account recently, you're not alone and no, you weren't hacked.

As reported by BleepingComputer, Ring, which makes some of the best video doorbells and home security cameras, has revealed that a bug in a backend update led customers around the world to believe their accounts might have been hacked. In a post on Facebook, the company explained that it was aware of 'a bug that incorrectly displays prior login dates as May 28, 2025.'

Ring also updated its status page, explaining that the bug led to information being incorrectly displayed within the Control Center in its app. The company went on to say that 'we have no reason to believe this is the result of unauthorized access to customer accounts.'

In addition to fake login entries, some Ring customers reported that they saw unknown devices, strange IP addresses and even countries they've never been to in their Authorized Client Devices list. As BleepingComputer points out, this led many of them to believe that these entries couldn't just be previous logins.

To make matters worse, it took Ring a lot longer than many customers believed it would to reverse the faulty backend update that led to all this confusion in the first place. In fact, even after three days, some users are still seeing logins from unrecognized devices.

Likewise, some users reported seeing live view activity when no one within their household had accessed the app. At the same time, other customers reported that they didn't receive security alerts or multi-factor authentication prompts when new devices were added to their Ring app.

How to keep your Ring account safe from hackers

Seeing unauthorized devices access your video doorbell and home security cameras is certainly the kind of thing that can leave someone shaken up. It could also indicate that your account was hacked, which is why this backend update bug led to an uproar online from Ring users.

If you're worried about unauthorized devices accessing your Ring account, you can open the app, head to Control Center and then to Authorized Client Devices. There, you'll see a list of all devices and logins. If there are any you don't recognize, you should remove them immediately.

Although Ring has done its best to assure users that this was not a data breach, it's still a good idea to change your password if you haven't done so recently. Just like with the rest of your online accounts, you want to ensure you're using a strong and complex password in the Ring app.

If you have trouble coming up with passwords on your own or even just remembering them, then you might want to consider using one of the best password managers. Not only will they generate strong and unique passwords for all of your online accounts, but a password manager also stores all of your credentials securely in one place so that they're easy to find.

In addition to changing your Ring password, you should also set up two-factor authentication for your account if you haven't done so already. That way, anyone who tries to log in to your account will also need a single-use code to gain access to it.

I've reached out to Ring in regard to this recent backend update bug and will update this story accordingly if and when I learn more. In the meantime though, an incident like this one, while scary, could be the wake-up call you needed to start taking your online security more seriously. It's one thing to lose access to an account and it's another to potentially have strangers watching your every move online.

When it comes to the best home security cameras, you always want to make sure that you keep their apps updated and that you're using a strong and complex password that you aren't using for any of your other online accounts.

Microsoft releases emergency security updates to fix SharePoint zero-day flaws — everything you need to know

Tom's Guide

21-07-2025


Microsoft has released two emergency patches to address zero-day vulnerabilities that have been found in SharePoint RCE. Actively exploited in attacks, the two flaws (tracked as CVE-2025-53770 and CVE-2025-53771) are both 'ToolShell' attacks that compromise services and that build on flaws that were fixed as part of July's Patch Tuesday updates.

As reported by Bleeping Computer, the new flaws were exploited by researchers back in May at a Berlin hacking contest. They did so by using a vulnerability chain that enabled the researchers to achieve remote code execution in Microsoft SharePoint. Threat actors were then able to use zero-day flaws that built on the patches from previous issues and have been conducting ToolShell attacks on SharePoint servers that have directly affected over 50 organizations.

The emergency patches that Microsoft has pushed out fix both flaws in Microsoft SharePoint Subscription Edition and SharePoint 2019, but there is currently no fix available for SharePoint 2016.

Administrators should install the available updates immediately, then rotate the machine keys, and consider analyzing the logs and file system for the presence of malicious files or any evidence of exploitation.

New Android attack tricks you into giving dangerous permissions

Fox News

21-07-2025


A team of academic researchers has uncovered a new Android security exploit that raises a lot of questions about the platform's permission system. The technique, named TapTrap, uses user interface animations to visually deceive you into granting sensitive permissions or performing harmful actions. Unlike earlier tapjacking attacks, the TapTrap Android attack works by launching transparent system prompts over regular app interfaces. The result is a near-invisible layer that silently captures your taps and interactions.

As reported by Bleeping Computer, TapTrap takes advantage of how Android handles activity transitions between apps. A malicious app can launch a system-level screen using the standard startActivity function but modify how the screen appears using a custom animation. By setting both the start and end opacity to a very low value, such as 0.01, the activity becomes nearly invisible to the user. Touch input is still fully registered by the transparent screen, even though users only see the visible app underneath.

Attackers can also apply a scaling animation that enlarges a specific user interface element, such as a permission button, so that it fills the screen. This increases the chance that a user will unknowingly tap the button.

The researchers released a video showing how this technique could be used in a gaming app to quietly launch a Chrome browser permission prompt. The prompt asks for camera access, and the user taps "Allow" without realizing what they have done. Because the malicious screen is transparent, there are no visual cues to suggest anything suspicious is happening.

To assess how widespread the vulnerability might be, the researchers tested nearly 100,000 apps from the Play Store. About 76% were found to be potentially vulnerable, not because they are malicious, but because they lack key safeguards. These apps had at least one screen that could be launched by another app, shared the same task stack, failed to override the default transition animation, and did not block user input during the transition.

Android enables these animations by default. Users can only disable them through settings that are typically hidden, such as Developer Options or Accessibility menus. Even the latest Android version, tested on a Google Pixel 8a, remains unprotected against this exploit.

GrapheneOS, a security-focused operating system based on Android, confirmed that its current version is also affected. However, it plans to release a fix in its next update.

Google has acknowledged the issue and said a future Android update will contain a mitigation. While no exact timeline has been announced, Google is expected to change how input and animations are handled to prevent invisible tap interception. The company added that developers must follow strict Play Store policies and that any app found abusing this vulnerability will face enforcement actions.

1) Consider a mobile security app: Use a trusted antivirus or mobile security app that can detect suspicious behavior or alert you to apps using overlays or accessibility features improperly.

2) Be selective about the apps you install: Avoid installing apps just because they're trending or have flashy ads. Check developer credibility, recent reviews and app permissions before downloading.

3) Stick to the Google Play Store: While not perfect, the Play Store has better safeguards than random APK sources. Avoid installing apps from third-party stores or unknown websites.

4) Pause before granting permissions: If an app suddenly asks for access to your camera, microphone, or other sensitive features, take a moment. Always ask yourself if this app really needs this permission right now.

TapTrap shows that security threats do not always come from complex code or aggressive malware. Sometimes, small oversights in visual behavior can open paths for serious abuse. In this case, the danger lies in what users do not see. People trust what they can see on their screens. This attack breaks that link by creating a visual mismatch between intent and outcome.

Do you trust the apps you install from the Play Store, or do you dig deeper before downloading?

Dell confirms breach of test lab platform by World Leaks extortion group: Bleeping Computer report

Time of India

21-07-2025

