Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On December 09, 2015

December 7, Softpedia – (International) Malware steals iOS and BlackBerry backups via infected PCs. Palo Alto Networks released a report stating that many mobile backup tools lack secure encryption protocols, which can allow attackers to steal local mobile backup data and sensitive information from infected Apple Mac and Microsoft Windows computers, and to discover and extract Apple iOS and Microsoft BlackBerry backup files via 6 trojan families that use the BackStab attack technique. Security researchers advised users to use backup tools that support encryption, to maintain routine updates to their mobile operating system (OS), and to use an antivirus product, among other recommendations. Source

December 7, SecurityWeek – (International) Rootnik trojan modifies legitimate root tool to hack Android devices. Researchers at Palo Alto Networks discovered a new trojan, dubbed Rootnik, that uses the Root Assistant utility to gain root access on Android devices, which can allow attackers to download executable files from remote servers for local execution; steal Wi-Fi passwords, keys, Service Set Identifiers (SSID), and Basic Service Set Identifiers (BSSID); and harvest victims’ private information. The trojan can infect computers by being embedded in copies of legitimate applications including Wi-Fi Analyzer, Open Camera, Infinite Loop, and HD Camera, among other tools. Source

December 7, Softpedia – (International) Google patches Android for more bugs in its December security bulletin. Google released security updates addressing 19 flaws in Nexus devices for its Android builds LMY48Z and later, and Android Marshmallow, including a critical security vulnerability that can enable remote code execution (RCE) on devices through email, web browsing, and Multimedia Messaging Service (MMS) when processing media files, as well as a critical severity flaw affecting Android’s Skia graphics engine (RCE), the display driver, and an elevation of privileges in the kernel itself. Source

December 7, SecurityWeek – (International) FireEye patches critical flaw found by Google researchers. Researchers from Project Zero discovered and reported a remote code execution (RCE) vulnerability affecting FireEye’s Malware Protection System (MPS), including its Network Security (NX), Email Security (EX), Malware Analysis (AX), and File Content Security (FX) products. FireEye released an automated remediation to customers 6 hours after notification and mitigated potential customer exposure. Source

 

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.