PINDROP BLOG

Category: Device Security

May 16, 2016
Ransomware Attack and Defense
By Jessy Irwin In the US, ransomware is earning a significant amount of media attention for shutting down schools and hospitals, but a recent study points to Canada as the country 4th most likely to be a victim of ransomware attacks. With that in mind, this document presents background information, security recommendations and policy for…
Read More →
May 11, 2016
SamSam and the Rise of Corporate Ransomware
The SamSam ransomware that caused serious damage to a California hospital and has infected many other enterprises in the United States is continuing to evolve and add new functionality as its developers look to stay ahead of researchers and defenders. SamSam is part of the newer wave of ransomware variants that don’t just rely on individual…
Read More →
May 9, 2016
FCC, FTC Demand Info From Carriers and Vendors on Security Updates
The FCC and FTC are demanding information from wireless carriers and device manufacturers on their processes for developing and deploying security updates, including whether carriers delay updates for operating systems with known vulnerabilities or stop offering patches for older versions of an OS. The letter from the FCC went to all of the major United…
Read More →
May 9, 2016
Inside the AlphaLocker Ransomware
The ransomware ecosystem has developed largely underground, and insights into the way that the malware is developed and controlled are rare. But researchers at Cylance recently got an inside look at the way that AlphaLocker ransomware goes about its business and found that the operation is surprisingly simple and yet still quite effective. AlphaLocker is…
Read More →
May 5, 2016
Old Android Bug Gives Attackers Access to Texts, Calls
There is an old, high-severity vulnerability in Android that could allow an attacker to gain access to a user’s SMS database and phone history. The bug has been in Android for at least five years and affects a huge number of Android devices. The vulnerability lies in a software package that Qualcomm maintains and it…
Read More →
May 3, 2016
Researchers Find Serious Flaws in Samsung SmartThings Platform
Researchers at the University of Michigan have identified a set of vulnerabilities in Samsung’s SmartThings platform that allowed them to remotely unlock doors, set off smoke alarms, and perform other unwanted actions through the use of overprivileged apps. SmartThings is a platform designed to support the use of a variety of connected devices in a…
Read More →
May 3, 2016
FBI Renews Warning on Ransomware Threat
The FBI has issued a fresh warning about the ransomware epidemic, even as the volume and sophistication of the attacks continues to rise. The latest major incident occurred last week when a power utility in Michigan was hit by a ransomware attack on its corporate network. The attack began, as many do, with a phishing…
Read More →
April 29, 2016
Android Overlay Malware Targeting Banking Apps
There is a growing crop of mobile malware that is designed to overlay a user’s phone screen and harvest banking and other credentials, and the attackers behind these tools have thoughtfully created a range of options, from low-end to premium priced. Researchers at IBM’s X-Force team have been tracking a variety of mobile malware samples…
Read More →
April 28, 2016
On the Wire Podcast: Patrick Wardle
Patrick Wardle is well-known in the security community for his research on Mac OS X security features and malware. He’s demonstrated practical methods for bypassing Gatekeeper and the other security mechanisms in OS X, and he recently released a free tool called RansomWhere? that’s designed to generically detect OS X ransomware, such as KeRanger. Dennis…
Read More →
April 25, 2016
Cyber.Police Android Malware Infects Without User Interaction
There is a new piece of ransomware that is using an exploit for an Android vulnerability to infect devices without any user interaction whatsoever. The Cyber.Police ransomware uses JavaScript to exploit the bug and one of the exploits it employs is a known one that’s been public for more than a year. Researchers at Zimperium…
Read More →