Security Technology

Updates for the software platform will now arrive on a quarterly basis, beginning in October.

Patients of the Veterans Affairs hospital in Fayetteville, N.C., may have had their personal information exposed after more than 1,000 personal records were improperly disposed of.

Patients of the Veterans Affairs hospital in Fayetteville, N.C., may have had their personal information exposed after more than 1,000 personal records were improperly disposed of.

A federal hearing today on NSA surveillance programs leaked by former NSA contractor Edward Snowden produced some interesting numbers about the scope of the data collections and other issues. We've produced a roundup below of some of the interesting stats ...

Did the government really disrupt a bomb plot targeting the New York Stock Exchange? The FBI deputy director said that today in a Spygate hearing where the government for the first time said the secret spy techniques publicly disclosed ...

To exploit the vulnerability, an intruder would need a user's device password and a bit of skill to access troves of data on the phone.

To exploit the vulnerability, an intruder would need a user's device password and a bit of skill to access troves of data on the phone.

Malicious activity on the anonymity software's network tripped Facebook's "site integrity systems."

Malicious activity on the anonymity software's network tripped Facebook's "site integrity systems."

Last week, we talked about the OBAD Android malware, which installed itself as an administrator on the device and used a vulnerability in Android to hide this fact from the user. One effect of this particular behavior was to make removal of this threat very difficult. Apps that have set themselves up as administrators require user interaction to remove: but because the vulnerability hides the app, it can’t be removed. In response to this threat, we have created the Hidden Device Admin Detector app. This tool’s purpose is simple: it allows users to keep track of and disable apps that have device administrator privileges but are hidden from Android Device Administrator list. Most apps do not need to these device administrator privileges. One can think of them as being analogous to holding root access on a Linux/Unix machine, or having administrator access on Windows. It gives you complete control over the machine. Most apps do not need this level of access; this is why the user has to be prompted to enable these privileges. Apps that do require these privileges include security apps (like Trend Micro Mobile Security) and system administration apps that may be used in BYOD situations. When run, the app will display the apps with administrator privileges that exploit this vulnerability to hide themselves: Figure 1. Hidden Device Admin Detector app From here, users can disable the privileges. Malicious apps with disabled administrator privileges can be removed normally, either by security products or the user. Android does contain this feature as well, but because of the above vulnerability the list it provides may not be complete. Google may patch the vulnerability in the future, but the complicated Android update situation means many users will never get the patch. We recommend that all users download this app and periodically check for malicious apps on their Android devices. You can download the app by going to the Google Play app store. Post from: Trendlabs Security Intelligence Blog - by Trend MicroDetecting Hidden Administrator Apps on Your Mobile Device