Connect with us

Featured

More threats to Android and iOS

Published

on

A recent report has shown that cyber criminals are continuing to leverage security flaws in Android and iOS, meaning that manufacturers and carriers need a more integrated set of security strategies to keep their consumers’ phones safe from malware and the like.

Cyber-criminals continue to leverage the gaps in the security of Android and iOS operating systems to target mobile device users, regardless of platform, which is causing an increase in the already exponential growth of mobile malware.

According to the Trend Micro Q3 Security Roundup Report, Mediaserver vulnerabilities that were found in Android signalled that Google, manufacturers and carriers need a more integrated set of security strategies. Attackers also continue to find alternate means of breaking through iOS security walls. In the past quarter, modified versions of app-creation tools like Xcode and Unity made it clear that Apple’s walled garden approach to security can no longer spare iOS from attacks.

“Google has released a report that says less than 1% of apps found in the Google Play Store are potentially harmful,” says Darryn O’Brien, country manager at Trend Micro Southern Africa. “However, that doesn’t mean that users aren’t at risk. Android’s latest worry is Mediaserver, which handles all media related tasks and recently became and is likely to remain an active attack target. We have seen attackers exploit at least five vulnerabilities in the service in just this last quarter.”

“We found a bug in Mediaserver that could leave Android phones silent and users unable to send texts or make calls. As of July 2015, reports stated that over half of Android devices were vulnerable to this flaw. The Stagefright vulnerability, gave attackers the power to install malware on affected devices by distributing malicious MMSs which reportedly put 94.1% of Android devices at risk by July 2015,” says O’Brien.

Another vulnerability found in Mediaserver was capable of causing devices to endlessly reboot and allowed attackers to remotely run arbitrary code, to which 89% of Android devices were susceptible at the time. O’Brien adds that the fifth vulnerability known as CVE-2015-3842, allowed remote code execution in Mediaserver’s AudioEffect component and was seen in the landscape in August this year.

“The discovery of these Android vulnerabilities prompted Google to implement regular security updates for the platform, so that was positive. However, the platform’s current state of fragmentation may affect some users as security patches might not make their way to all devices unless there’s support from manufacturers and carriers,” says O’Brien.

Apple’s walled garden approach has given it a reputation as a safer choice when it comes to mobile devices as it meant stricter app-posting policies and thus more secure apps. But according to the Q3 Security Roundup, this belief was dispelled in the last quarter when several iOS applications on the App Store and third-party stores where infected with a piece of code called “XcodeGhost”. Through these malicious apps, cybercriminals could execute fraud, phishing and even data theft.

“A scary vulnerability in iOS in the past quarter was Quicksand, which was capable of leaking data sent to and from mobile-device-management (MDM) enabled users, and that put not only personal data but corporate data at risk. The operating system’s AirDrop feature also featured in the exploit landscape and was even able to reach users whose devices weren’t configured to accept files sent through AirDrop.”

According to the report, the technology giant was swift in addressing the issues and removed infected applications from its App Store. However, Trend Micro believes that there are bound to be increasing iOS threats in the future as the mobile user base continues to expand.

“Cybercriminals will make it their mission to find more ways around Apple’s strict policies and walled garden. Cross-platform threats that put not only individuals but also businesses at risk, can also be expected to continue,” says O’Brien.

“Mobile devices are a gold mine for cybercriminals and they will continue to be targeted. Mobile malware will grow and it’s important that local mobile users are aware that they aren’t safe from these types of threats just because South Africa may not be a main target. Having sufficient security on all your mobile devices is essential to the safety of your own data, and now, even the data of your workplace.”

Featured

Appdate: No wallet? No problem?

In his app roundup, SEAN BACHER highlights VodaPay Masterpass, Charge Running, South African App Integrator Directory, uKheshe Health and LocTransie.

Published

on

VodaPay Masterpass

Digital mobility is now a way of life and most are using smartphones to pay bills. 

To meet this need Vodacom and Mastercard have launched VodaPay Masterpass, which enables Vodacom customers to load any bank card into a secure digital wallet, downloaded as an app on their smartphone. Once loaded, these cards and the secure credentials associated with them are safely stored, enabling customers to start transacting immediately without the hassle of entering card details each time they make a purchase.

Vodacom customers can buy prepaid data, airtime and SMS, or voice bundles, directly through the app. They can also select the Pay Bills menu option to settle their DStv accounts, pay a utility bill or take care of a traffic fine.

With the app’s Scan to Pay functionality, users can scan a QR code to pay for goods and services wherever Masterpass is accepted, including all SnapScan and Zapper merchants. Once a QR code is scanned, users select the card they wish to use, and enter their bank PIN number on their own device to complete the transaction.

Platform: Android and iOS

Expect to pay: A free download and users will not be charged for any transaction fees.

Stockists:  Download VodaPay Masterpass for iOS here and for Android here.

Charge Running

Most running apps track data like pace and distance and, in some cases play audio designed to motivate you, but don’t give you the push you get when you run with a friend. Charge Running is an app that lets you run alongside other runners, virtually, as well as giving live coaching to help you go the distance.

The app includes features such as:

·       Unlimited access to live running classes and virtual races  

·       The ability to compete with runners anywhere in the world in real-time

·       A live leaderboard that shows where you are in the pack to keep you pushing

·       Live, personalised feedback from professional trainers 

·       Group chats with coaches and fellow runners throughout the run

·       On-demand runs for times when you can’t join the live groups 

·       A choice of difficulty levels and race types 

Platform: Android and iOS

Expect to pay: A free seven-day trial; thereafter R150 per month

Stockists: Visit the Charge Running site here for downloading instructions.

South African App Integrator Directory

The South African App Integrator Directory from Xero is designed to solve the complexity of choosing apps for small business owners.

The directory is now available in South Africa with six partners, including Realm Digital, Radical Cloud Solutions, Nimacc, Insights, Iridium Business Solutions and Creative CFO. According to Xero, these are all organisations with a proven track record of successfully integrating marketplace apps into Xero businesses. There are also currently over 700 apps in Xero’s App Marketplace worldwide, 21 of which are South African born.

As small businesses become more tech-savvy, they need to know exactly which apps to install on their devices and how the apps will help them. They also need to be able to install these apps from a trusted integrator so they know for what they are paying. 

Platform: Any device with an up-to-date Internet browser.

Expect to pay: A one month trial version is offered, after which the App Integrator ranges from R125 to R245 per month, depending on the company’s needs.

Stockists: Visit Xero here for downloading instructions.

Click here to read about uKheshe Health and LocTransie.

Previous Page1 of 2

Continue Reading

Featured

Prize offered for drone films

Published

on

DJI and SkyPixel, the world’s most popular aerial photography community, have announced the first short film contest inviting users to submit cinematic stories shot with camera and gimbal products. The 2019 SkyPixel Short Film Contest will accept entries until 14 October 2019. It welcomes submissions from all creators, ranging from hobbyists to social media users and professional videographers. around the globe.

../GT_FileRecv/0731@SP-banner-2400x640-en(1).png

The 2019 SkyPixel Short Film Contest consists of three storytelling categories—‘Big Moments Start Small,’ ‘Make Your Move’ and ‘Adventure Starts With You.’ There is no restriction on the type or brand of equipment participants use, and they can submit as many videos as they wish.

A total of 100 winners can win a range of prizes totaling $48,600 USD in categories including Recommended Films, Best Editing, Best Story, Nominated Entries, People’s Choice Prize as well as This Week’s Most Popular, sponsored by the partner SanDisk and WD brand from Western Digital Corp. This year’s Best Short Video winners will each receive the new Ronin-SC Pro Combo, Osmo Action as well as WD 2TB My Passport Wireless SSD.

Winning entries will also be showcased on the SkyPixel website as well as to DJI’s millions of fans and followers across its social media platforms.

“DJI has redefined how people capture stable video for all of life’s moments. The compact size, portability and powerful imaging system of our Osmo and Ronin series have also made it possible for anyone to take their creativity and inspirations to the next level,” said Basile David, Director of Brand and Content Partnerships at DJI. “With this contest, we hope to encourage more people to embrace and share their own creative way of storytelling.”

Since 2014, the SkyPixel online community has attracted 16 million professional aerial photographers and content creators from more than 140 countries, growing into the largest aerial photography community today. Over the past five years, SkyPixel has received over 150,000 submissions, becoming a go-to platform for original aerial masterpieces and extraordinary footage powered by other gimbal products focusing on various themes.

Details of the 2019 SkyPixel Short Film Contest

The short film contest consists of three categories:

Big Moments Start Small: Create a video showcasing the small, lightweight design of your camera device and your best cinematic scenes. Users are recommended to include at least 10 seconds of behind-the-scenes clips of their product such as DJI Osmo Pocket or other devices.

Make Your Move: Create a video showcasing the stabilized footage from your device. Users are recommended to include at least 10 seconds of behind-the-scenes clips of their product such as DJI Osmo Series or other devices.

Adventure Starts With You: Create a short, cinematic narrative film to showcase your creative skills and visual effects. Users are recommended to include at least 10 seconds of behind-the-scenes clips of their product such as DJI Ronin Series or other devices.

*Video submissions should not be longer than three minutes in length.

Submission Details

Submission Start Date: August 15, 2019, 2:00 AM (EST)

Submission End Date: October 14, 2019, 2:00 AM (EST)

Award Announcement: October 31, 2019

Interested participants can visit the 2019 SkyPixel Short Film Contest website for more information on contest rules and guidelines. For more information, contact: Skypixel.campaign@dji.com

Continue Reading

Trending

Copyright © 2019 World Wide Worx