For a long time, the Play Store could be considered the wild west of app distribution, especially compared to Apple's inherently more restrictive App Store. Google is working on improvements though and is becoming more stringent on app permissions, among other things. Still, we're back with another ad fraud scheme right inside the Store, following in the footsteps of last year's Cheetah Mobile investigation. Another Chinese app developer, DO Global, is alleged to have added code in its apps that automatically clicks on ads without users' knowledge. BuzzFeed News first brought these findings to light in collaboration with security researchers Check Point and Method Media Intelligence. They found out that the app developer in question is a spin-off from Chinese giant Baidu who...
A Communications Authority of Kenya (CA) shows report covering October-December 2018 shows a dramatic spike in malware attacks, targeting mobile devices and which has seen unsuspecting Kenyans defrauded in online platforms. A proliferation of mobile applications on popular online stores is thus exposing Kenyans to increased cyberattacks and fraud, the latest sector statistics. ‘‘In particular, there was a rise in cases of malware and the sale of stolen data and credentials including personal data and credit card information,’’notes the report in part. Additionally, the report notes that cyber criminals are targeting their attacks on end-users who have limited cyber security skills. In the three months, the National Kenya Computer Incident Response Team –Coordination
The National Cybersecurity Centre (NCC) detected over 3.8 million cyber threats in the first quarter of 2018-2019, indicating that Kenyans continue to be at a high risk of online attacks. According to a new report by the Communications Authority of Kenya (CA), the threats represented an increase of 11.76 per cent from the last quarter of the year where 3.4 million threats were detected. CA attributed the increased threats to enhanced cyber threat detection capabilities through deployment of additional sensors and increased resources towards cyber threat analysis “The cyber threats detected varied from denial-of-service (DoS) including botnet and brute-force attacks that led to denial of computer services and illegal access to computer systems; online impersonation
An estimated 6.8 million users were affected in the latest photo leak caused by a bug its app development platform that let apps access the private pictures of users, Facebook has revealed. Apps are expected to only have access to images posted on a user’s timeline, however a bug let the apps see any images linked to the account. This includes images on Facebook Stories and Facebook Marketplace, as well as those uploaded but not published. Facebook stores the latter for three days before they are deleted, in case the user decides to publish them. Users are required to give permission for apps to view photos, and only users who gave picture permissions had their images leaked to the apps. Facebook said the bug was active for 12 days between September 13th and September 25th,
Using one password for everything is convenient, but it’s also dangerously insecure. We examine the case of Mark, a young designer. Mark is a regular guy. He has e-mail, Facebook, Instagram, Amazon, eBay, Steam, and Battle.net accounts, not to mention ones for another dozen online stores and a forum dedicated to his favorite video game. The accounts are all linked to his e-mail. One day, the customer database of one of the online stores Mark has an account at suffers a leak (apparently it was kept unencrypted on an open-access server). No credit card information is stolen, but e-mail addresses, names, and passwords are. At first glance, there seems no particular reason to worry. Such leaks happen, and this is just a small online store — can you blame a humble shopkeeper