New security heading to Sony devices via “my Xperia” service

Sony has kicked off a new pilot project to bring a remote security service to market for owners of their Xperia smartphone devices. Sony is calling it “my Xperia” as they pilot the service in the Nordics and target a global release during the second quarter of 2013. One of the individuals behind the service, Sony Experience Planner Marcin Zielinski, described some of the service’s features in a one sentence blurb as helping “you locate your misplaced Sony smartphone and protect your personal data.” Read more

Exynos kernel exploit patch starting to roll out for some devices

In December we reported on an exploit that had been discovered in Samsung’s Exynos chips. We have not heard of any malicious activity related to the security hole, though it became a popular vector for rooting devices. After looking into the issue, Samsung has started the process of issue a fix for the vulnerability. The devices and networks include:

  • Sprint Galaxy S II Epic 4G Touch: Sprint’s update FL24 will push out to customers over the course of the next month and will receive Sprint’s Connections Optimizer as part of the update.
  • T-Mobile Galaxy Note II: The T-Mobile version of the Samsung Galaxy Note II is getting an update dubbed T889UVALL4. T-Mobile is pushing this out over-the-air or users can manually update via Kies.

There are other devices on several carriers that have the same chipset and are vulnerable to the exploit. We anticipate seeing patches and updates rolling out for these devices over the next several days as well now that the ball has started rolling.

source: Android Central

Lookout IDs SpamSoldier SMS spammer botnet

Mobile security firm Lookout has posted a security alert on their blog regarding a new threat they have identified for mobile devices. Working with carriers, Lookout has identified SpamSoldier, which they describe as a spammer botnet agent that uses infected phones to send SMS spam messages. They do not indicate which platforms are subject to attack, although the original attack vector is via an SMS message and not through any apps downloaded via app stores. Read more

Exynos kernel exploit could open several Samsung devices to malware or worse

Some bad news is surfacing this weekend for owners of several popular Samsung devices. Members of XDA Developers identified a kernel exploit for devices with certain Exynos processors that could provide root access without flashing the device. According to XDA member alephzain, the vulnerability was discovered on his Samsung Galaxy S III in /dev/exynos-mem. The weakness provides full read/write rights to all physical memory. Read more

McAfee revamps mobile security app with new App Lock feature



 

McAfee is one of the more popular antivirus protections available to PC users, and with the malware on Android devices, they’ve stepped in to provide their trusted protection on smartphones and tablets, too. Recently, McAfee updated their Android application with a refreshed user interface and an innovative new App Lock feature. McAfee claims that since apps like Twitter and Gmail don’t require a password each time you open the app, it’s a possible security threat on your device. App Lock protects against this threat by requiring a pin number each time you want to use one of these applications, protecting you from someone digging through your phone for personal information or even just some nosy friends. This feature can also be used to protect children from having access to certain apps on your device, like the browser or your banking app.

McAfee offers a free trial of the app on Google Play, and offers the paid version at $29.99. Hit the break for the press release and download links. Read more

Microsoft tries to drum up trouble for Android with provocative Tweet

It’s no secret that competition between the major phone platforms (Android, IOS, and Windows Phone) is pretty stiff, with each company doing whatever it can to get a leg up on the competition. Things can get pretty ugly sometimes, with competitors trashing one another and tarnishing each other’s reputation in whatever way they can. Tonight Microsoft joined the fire-fight with a tweet from their Windows Phone twitter account. In it they are calling for their followers to send tweets telling the world about their worst malware story while using an Android phone. These tweets should also include the hashtag #DroidRage. Something tells me that the very vocal Android community won’t take this sitting down and will turn Microsoft’s provoking tweet on its head. After all…when you think of viruses and malware, you tend to think of Microsoft products. Let’s see how this unfolds. If you want to reply to the tweet yourself, check it out at the source link below.

Source: Windows Phone Twitter

S-Memo Found To Save Google Passwords In Plain Text And Is Viewable When Device Is Rooted

 

There are always pros and cons when it comes to rooting your Android devices. Among the major pros are being able to make your Android device much more flexible and slap on things like custom ROMs. On the flip side there are cons such as the potential of major security breaches, such as one that was recently found by XDA user graffixnyc. While going through his S-Memo SQLite files on his Galaxy S III, he found out S-Memo store his Google account password in plain text, instead of the password being encrypted. After posting his issue in an open forum thread, another XDA user named ViViDboarder highlighted rooted devices will be able to view internal contents like that of the SQLite files, though graffixnyc the records of the SQLite files should be encrypted, whether a device is rooted or not.

While this is incredibly troubling to hear, this is a good wake up call for all Android owners, especially owners of rooted devices to take extreme caution in ensuring their sensitive information is safe and secure. The last thing you want is your important information getting into the wrong hands and all.

source: XDA Forums

72% percent of Android apps pose a potential security risk, says study

According to a recent study, 72 percent of all Android applications in the Google Play Store request access to at least one extraneous permission that it doesn’t inherently need to function properly. This number may seem alarming, but let’s break down some of the research firm’s so-called “results.”

According to the published findings:

  • 72 percent of all Android apps (more than 290,000) access at least one high-risk permission.
  • 21 percent (more than 86,000) access five or more.
  • 2 percent (more than 8,000) access 10 or more permissions flagged as potentially dangerous. Read more

Google to fix “smishing” vulnerability recently discovered by NCSU researchers

Smishing, or SMS-phishing, is an old scamming technique that baits users into putting in personal information on fake websites by sending bogus text messages. It hasn’t been too common in the past few years, but some researchers at NC State University have found a vulnerability affecting several Android versions that could make phishing popular again. The exploit identified affects Gingerbread, Ice Cream Sandwich, and even Jelly Bean. Read more

T-Mobile and Lookout delivering Mobile Security Solution to protect customers’ devices

 

Today, T-Mobile and the Lookout team have announced a partnership to bring customers an alternative mobile security solution. Lookout’s Automatic App Security will come pre-loaded on select devices this year on T-Mobile and is expected on most Android devices in 2013, securing smartphones and tablets right out of the box for free.

The second you turn on your T-Mobile Android device that has this pre-installed, your device will automatically be secured upon boot. According to T-Mobile and Lookout:

Lookout will scan all applications upon download, in addition to providing weekly scans for potential threats, using its Mobile Threat Network, the world’s largest database of applications. The user will be notified if the application is determined to be safe or not. If an application is identified as potentially harmful, Lookout will provide information and instructions on how to protect against the threat or uninstall the application.

These days, plenty of people are looking for extra ways to protect their mobile phones. After all, these phones are more like computers these days than actual phones. You can always pay $2.99 extra per month for additional features such as remotely locking your device or backing up photos. Do you guys see this as something you’d love to have or do you see it as something you don’t need and will just add to bloat-ware?

You can check T-Mobile and Lookouts press release after the break for further information!

Read more