Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Attack Turns Android Devices Into Spam-Spewing Botnets
Newest First  |  Oldest First  |  Threaded View
Tibor Klampar
50%
50%
Tibor Klampar,
User Rank: Apprentice
12/20/2012 | 3:03:09 AM
re: Attack Turns Android Devices Into Spam-Spewing Botnets
Android.. Dream come true for malware developers..
johnitguru
50%
50%
johnitguru,
User Rank: Apprentice
12/20/2012 | 12:36:36 AM
re: Attack Turns Android Devices Into Spam-Spewing Botnets
EXTREME MicroKlunk Redmond FUD!

99.9% of all Android users do not use 3rd party download sites.
They use Google Play which is 100% safe from malware.

No matter how much Mafiasoft FUD is spewed, NO one is going to be stupid
enough to buy a WIndoZe 8 Virus Trap phone that reboots 25 times a day
and freezes up constantly.

kjhiggins
50%
50%
kjhiggins,
User Rank: Strategist
12/19/2012 | 8:15:15 PM
re: Attack Turns Android Devices Into Spam-Spewing Botnets
These types of scams are fairly rudimentary, but worrisome: when these attacks become more convincing and sophisticated, the Android platform could provide the bad guys massive numbers of prospective bots.

Kelly Jackson Higgins, Senior Editor, Dark Reading
ukjb
50%
50%
ukjb,
User Rank: Apprentice
12/19/2012 | 8:01:42 PM
re: Attack Turns Android Devices Into Spam-Spewing Botnets
FUD
Stick to Google Play and you will be fine.


More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).