News

7/3/2016
08:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

6 Ways To Keep Androids Safe

Security managers have their hands full protecting Android devices, but there are common sense steps they can take to beat back attackers.
Previous
1 of 7
Next

Image Source: www.technewstoday.com

Image Source: www.technewstoday.com

Android malware has found its way into security industry news again in the past several days.

First, Trend Micro reported last week that the so-called “Godless” mobile malware can target any Android running Android 5.1 (Lollipop) or earlier. The company said the malware has affected more than 850,000 devices worldwide and can be found in prominent app stores such as Google Play.

Then on Wednesday, Cheetah Mobile estimated that a Chinese hacking organization was making $500,000 a day via a Trojan dubbed “Hummer.” Calling it the most prolific Trojan in history, the company reported that during the first half of 2016 alone, Hummer infected nearly 1.4 million devices worldwide. In China alone there were 63,000 infections a day.

Despite Google’s attempts over the past several years to do a better job issuing patches and vulnerability reports, the news about Android phones being attacked should come as no surprise.

Farokh Karani, director of North American Sales & Channels for Quick Heal Technologies, said the company’s research found that 90 percent of Android devices two years or older have an operating system that’s vulnerable. That’s significant because Statistica reports that about half of the installed based of Android phones are at least two years old. 

“We’ve found that there are a lot of users who don’t upgrade every two years, like many techies do, and they are vulnerable to malware,” he said.

And Mike Murray, vice president of research and response at Lookout, added that as companies continue to rely on enterprise-class mobile devices and smartphones in the enterprise to replace laptops they are more vulnerable to attack.

“Attackers are increasingly shifting their focus to mobile platforms, seeking out vulnerabilities to exploit and developing more sophisticated attacks,” he said.  

Dark Reading spoke to Lookout and Quick Heal Technologies to learn more about what security managers can do to protect their users. Here’s what they recommend to keep the hackers at bay, including a detailed list of Quick Heal’s Top 10 Android malware strains from a recent quarterly report.

.

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Gen Chang
50%
50%
Gen Chang,
User Rank: Apprentice
7/5/2016 | 11:01:34 PM
Re: More ways
I'm surprised you didn't list a browser with adblocking capabilities. All the rest of your suggestions are great. The last one, I'm not familiar with, and so, will look it up. I'm using a new global ad blocker for no-root that's just been published to GitHub. Block This is the name, and if you Google the name, there's lots more information. XDA has a couple threads and readit too.
Anwarali
50%
50%
Anwarali,
User Rank: Apprentice
7/5/2016 | 1:37:41 AM
Re: More ways
good post.

theb0x
100%
0%
theb0x,
User Rank: Ninja
7/4/2016 | 9:53:17 AM
More ways
1) Disable all unnessisary services / applications

2) Keep Bluetooth off unless currently being used to help prevent Bluejacking attacks

3) Install a firewall. There are plenty of firewalls that do not require root. (ie No Root Firewall) They use a locally bound VPN loopback to allow the filtering of all network traffic

4) Turn off WiFi when not being used to prevent authentication with rogue access points and MITM attacks

5) Use a VPN on all Wifi networks

6) Be aware of apps with excessive permisions

7) Disable EXIF geolocation metadata on your camera

8) Encrypt your phone

9) Set a screen autolock that requires a pin / pattern

10) Disable ADB Developer Tools

11) Disable visable passwords typed in all apps

12) Install Netcut Defender to prevent ARP Spoofing and Internet Gateway Spoofing attacks

 

 

 
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading,  10/16/2018
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CA,  10/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Too funny!
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.