google


Recently, we found a new Android rootnik malware which uses open-sourced Android root exploit tools and the MTK root scheme from the dashi root tool to gain root access on an Android device. The malware disguises itself as a file helper app and then uses very advanced anti-debug and anti-hook techniques to prevent it from being reverse engineered. It also uses a multidex scheme to load a secondary dex file. After successfully gaining root privileges on the device, the rootnik malware can perform several malicious behaviors, including app and ad...
by Kai Lu  |  Jan 26, 2017  |  Filed in: Security Research
Last month, we found a new Android locker malware that launches ransomware, displays a locker screen on the device, and extorts the user to submit their bankcard info to unblock the device. The interesting twist on this ransomware variant is that it leverages the Google Cloud Messaging (GCM) platform, a push notification service for sending messages to registered clients, as part of its C2 infrastructure. It also uses AES encryption in the communication between the infected device and the C2 server. In this blog we provide a detailed analysis...
by Kai Lu  |  Jan 16, 2017  |  Filed in: Security Research
Google fixed a denial-of-service vulnerability in the Minikin library (CVE-2016-2414) with this month's Android patches. I reported this vulnerability to Google in early March 2016, and Google confirmed it was a duplicate report of bug 26413177, which had been reported by another researcher in November 2015. In this blog, we will provide an in-depth analysis of this vulnerability. It exists because the Minikin library fails to parse .TTF font files correctly. As a result, it could allow a local attacker...
by Kai Lu  |  Apr 13, 2016  |  Filed in: Security Research
It was a morning like lots of others...I was headed to the airport for a week in our home office, so I got an early start, checked on the sheep on the way out (yes, sheep), and got on the road. Aside from being ridiculously early, the ride was uneventful until I got to my exit for the Mass Pike. That's I-90 for those of you outside Massachusetts and, when traffic is good (like at 4:30 in the morning), it's the fastest, easiest way to the airport. And the exit was closed. Well darn. I had Google Maps running, not because I didn't know...
by Chris Dawson  |  Sep 28, 2015  |  Filed in: Industry Trends & News
Though not a phishing cure-all, it’s a good sign that Google is bringing this issue front and center for millions of Chrome users. Remember those Nigerian email scams that hit so many people a decade ago? They were fairly comical, but effective enough to earn a place in Internet lore and more than a few memes. They were also the predecessors of modern phishing schemes, designed to steal credentials, personal information, financial data, and other information. Cybercriminals can then use this data to steal identities, money, intellectual...
by Chris Dawson  |  Apr 30, 2015  |  Filed in: Industry Trends & News
If you haven't had time to read Google's 44-page Android security report, this is a quick recap of what they say, and what we think about it. Globally, their report is consistent with our data, apart from a few glitches and a (not so surprising) trend to minimize security risks ;)
Infection rate
Google says:
Less than 1% of all devices have Potentially Harmful Applications (PHA ~ malware + riskware + adware)
Less than 0.15% of devices only downloading from Google Play had PHA
FortiGuard: Having our products on the...
by Axelle Apvrille  |  Apr 17, 2015  |  Filed in: Industry Trends & News
by Michael Perna  |  Nov 07, 2014  |  Filed in: Industry Trends & News
by Michael Perna  |  Oct 24, 2014  |  Filed in: Industry Trends & News
by Michael Perna  |  Sep 06, 2014  |  Filed in: Industry Trends & News
by Michael Perna  |  Aug 29, 2014  |  Filed in: Industry Trends & News