January 23, 2017 – Tech Today w/ Ken May

Virulent Android malware returns, gets >2 million downloads on Google Play

Enlarge (credit: portal gda ) A virulent family of malware that infected more than 10 million Android devices last year has made a comeback, this time hiding inside Google Play apps that have been downloaded by as many as 12 million unsuspecting users. HummingWhale, as the professionally developed malware has been dubbed, is a variant of HummingBad, the name given to a family of malicious apps researchers documented in July invading non-Google app markets . HummingBad attempted to override security protections by exploiting unpatched vulnerabilities that gave the malware root privileges in older versions of Android. Before Google shut it down, it installed more than 50,000 fraudulent apps each day, displayed 20 million malicious advertisements, and generated more than $300,000 per month in revenue. Of the 10 million people who downloaded HummingBad-contaminated apps, an estimated 286,000 of them were located in the US. HummingWhale, by contrast, managed to sneak its way into about 20 Google Play apps that were downloaded from 2 million to 12 million times, according to researchers from Check Point, the security company that has been closely following the malware family for almost a year. Rather than rooting devices, the latest variant includes new virtual machine techniques that allow the malware to perform ad fraud better than ever, company researchers said in a blog post published Monday . Read 6 remaining paragraphs | Comments

Visit link:
Virulent Android malware returns, gets >2 million downloads on Google Play

Western Union fined $586 million for colluding with organized crime

Image: David Weekly/Flickr Western Union admitted it behaved criminally through its “willful failure to maintain an effective anti-money laundering program and aiding and abetting wire fraud,” reports Forbes. They’ve agreed to pay a $586 million fine. From the Forbes article : In a statement from the U.S. Department of Justice and Federal Trade Commission on Thursday, authorities describe insufficient or poorly enforced policies that resulted in the funneling of hundreds of millions of dollars in proceeds from illegal gambling, fraud and drug and human trafficking. … In one case, illegal immigrants from China sent money back to the people who smuggled them across the border. With the help of employees, the payments were structured so that they didn’t trigger reporting requirements under the Bank Secrecy Act, say authorities. In another example, Western Union processed hundreds of thousands of transactions for an international scam, wherein fraudsters directed people to send money in order to claim a prize or help a relative. Western Union employees often processed the payments in return for a cut of the proceeds, say authorities. From CFO : Wifredo A. Ferrer, the U.S. Attorney in Miami, said the misconduct reflected “a flawed corporate culture that failed to provide a checks and balances approach to combat criminal practices.” “Western Union’s failure to implement proper controls and discipline agents that violated compliances policies enabled the proliferation of illegal gambling, money laundering and fraud-related schemes,” he added. I’m not a fan of civil asset forfeiture, which is basically a way for law enforcement to steal money and assets from anyone without charging them with a crime. But in this case, it seems appropriate for the government seize the assets of the CEO of Western Union, Hikmet Ersek, until he can prove that his $8.5 million salary didn’t depend on Western Union’s admitted criminal activities.

See the original post:
Western Union fined $586 million for colluding with organized crime

iOS 10.2.1 is all about fixing bugs and patching security holes

Enlarge (credit: Andrew Cunningham) After several weeks of beta testing, Apple has released iOS 10.2.1 to the public today. The update is fairly minor and includes no major improvements to core iOS apps or features. The release notes say only that it fixes bugs and includes security improvements. The security page for the update lists a number of vulnerabilities in the kernel, WebKit, and the Contacts app that have all been fixed. Apple also addressed a bug that could allow attackers to briefly access the home screen on an Activation Locked iPad that had been reset . The update is available for everything that runs iOS 10: the iPhone 5 and newer, the fourth-generation iPad and newer, the iPad Mini 2 and newer, both iPad Pros, and the sixth-generation iPod Touch. Small updates for watchOS 3 and tvOS 10 , both of which are iOS-based, have been released as well. The release of iOS 10.2.1 clears the deck for betas of iOS 10.3, which is likely to be the final major revision to iOS 10 before work begins in earnest on iOS 11. We don’t know much about what Apple plans to include in this next update, but older rumors suggest that it may renew focus on the iPad in advance of some new tablet launches in the spring. Hope also springs eternal about a dark mode for iOS. Read on Ars Technica | Comments

View article:
iOS 10.2.1 is all about fixing bugs and patching security holes

All Chromebooks launching in 2017 will be compatible with Android apps

All Chromebooks new in 2017 will support Android apps out of the box. An update will not be required. Owners will be able to take the Chromebook home, open it up and immediately access the Google Play Store. The news comes from a single line of text on Google’s list of Chromebooks compatible with Android apps. “All Chromebooks launching in 2017 and after as well as the… Read More

Star Wars: Episode VIII Is Now Star Wars: The Last Jedi

The next chapter of the Star Wars saga finally has a name, and it’s Star Wars: The Last Jedi . Read more…

Samsung Finally Releases Note 7 Disaster Autopsy

As promised , Samsung has revealed the results of its investigation into the spate of Galaxy Note 7s that caught on fire. Read more…

Read this article:
Samsung Finally Releases Note 7 Disaster Autopsy

The 32-Bit Dog Ate 16 Million Kids’ CS Homework

“Any student progress from 9:19 to 10:33 a.m. on Friday was not saved…” explained the embarrassed CTO of the educational non-profit Code.org, “and unfortunately cannot be recovered.” Slashdot reader theodp writes: Code.org CTO Jeremy Stone gave the kids an impromptu lesson on the powers of two with his explanation of why The Cloud ate their homework. “The way we store student coding activity is in a table that until today had a 32-bit index… The database table could only store 4 billion rows of coding activity information [and] we didn’t realize we were running up to the limit, and the table got full. We have now made a new student activity table that is storing progress by students. With the new table, we are switching to a 64-bit index which will hold up to 18 quintillion rows of information. The issue also took the site offline, temporarily making the work of 16 million K-12 students who have used the nonprofit’s Code Studio disappear. “On the plus side, this new table will be able to store student coding information for millions of years, ” explains the site’s CTO. But besides Friday’s missing saves, “On the down side, until we’ve moved everything over to the new table, some students’ code from before today may temporarily not appear, so please be patient with us as we fix it.” Read more of this story at Slashdot.

View original post here:
The 32-Bit Dog Ate 16 Million Kids’ CS Homework