19 November 2009, 09:41
lost+found: Android, botnets, Top 10, CryptoMan
- A commercial spyware product is now available for Android. While it can't record conversations, it does log the numbers of all incoming and outgoing calls and send them to a logging server. The malware also continuously registers GPS data and spies out the content of text messages.
- To infiltrate and counteract modern botnets, it is necessary to understand the protocol between a bot and its C&C server. Researchers have now developed
a method that facilitates this task which has been used, for instance, for exposing the communication of the Mega-D botnet.
- The Open Web Application Security Project (OWASP) has published its Top Ten vulnerabilities in web applications. Unsurprisingly, the top three positions are held by SQL injections, cross-site scripting and session management flaws. Directly accessing objects within the server structure without authentication, for example by manipulating a URL, comes in fourth place, followed by cross-site request forgeries in fifth place.
- An action figure of crypto guru Bruce Schneier (CryptoMan) is now available to purchase online. The figure comes with a choice of outfits and other options.
(djwm)
Print Version | Send by email
| Permalink: http://h-online.com/-863750
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
