Mozilla Releases Firefox 17 with Click-to-Play, Updates Firefox for Android

Mozilla pushed out the latest build of its flagship browser, Firefox 17, today, adding a new click-to-play blocklisting feature that will help prevent users from running out-of-date or vulnerable versions of plug-ins or extensions. The update tweaks click-to-play in Firefox prompting users to...

Google Market bug for Android 4.1.1 => 4.2 Remote Target Download PoC

The ability to remotely install applications on the target device. In such way you can install bad soft and also can install so many apps then memory of device will be filled. Google Market bug for Android 4.1.1 = 4.2 Jelly Bean Remote Target Download PoC You need: 1 Google Account 2 Android devi...

Mozilla Adding More Stringent HTTPS Enforcement to Firefox

Mozilla is adding an extra layer of security in its Firefox browser by implementing HTTP Strict Transport Security HSTS, a mechanism that will force some sites into establishing a secure, HTTPS connection with the browser if its presented with the right certificate. According to an entry on...

Mozilla Patches Cross-Site Scripting Flaws in Firefox

Mozilla is delivering security updates fast and furious this month, the latest coming late last week when a new version of Firefox repaired three vulnerabilities related to the Location object. The Location object is supported by all major browsers and contains information about the URL being...

Fake Lookout android app stealing your SMS and MMS messages

Android's App store is currently facing a new dilemma as its security has been compromised once again. Researchers from security firm TrustGo have recently spotted on Google Play a bogus app that supposedly automatizes the updating of a batch of other apps. The malicious code was hidden within an...

Research Shows Serious Problems With Android App SSL Implementations

There are thousands of apps in the Google Play mobile market that contain serious mistakes in the way that SSL/TLS is implemented, leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information...

Firefox 17 Beta Released with Click-to-Play Plugins for blocking vulnerable Plugins

Last week, Mozilla announced it will prompt Firefox users on Windows with old versions of Adobe Reader, Adobe Flash, and Microsoft Silverlight, but refused to detail how the system will work. Finally today Firefox 17 is now in beta and with it is a very cool feature, click-to-play plugins. When a...

Android Play Market 3.9.16 with a Built-In Malware Scanner

AndroidPolice reports that Google is actively working on a built-in malware scanner for the Play Store. A new version of the Play Store app has been released and it is starting to roll out to Android owners. Google Play Store 3.9.16 includes the ability to remove apps from the All Apps list. Ther...

Mozilla Adds Click-to-Play Plugin Security Feature to Firefox Beta

Attackers have been going after vulnerabilities in browser plugins and extensions for years now, as they know that users are slow about updating these components. Even if users have the browser set to update automatically, the third-party components are a separate issue and need to be patched on...

Flawed EMV Chip-and-PIN Protocol Paves Way To Fraudulent ATM and POS Transactions

A flaw in the EMV protocol which lays out the rules for chip-and-PIN card transactions at ATMs and point-of-sale terminals could enable persistent attackers to carry out bogus card transactions. Five Cambridge UK University researchers released a paper today with the gory details. Foremost among...

New OpFake Android Malware Entices Users With Opera Mini Browser

There is a new variant of the OpFake mobile malware making the rounds, and this version comes bundled with a version of the legitimate Opera Mini mobile browser. The malware targets Android phones and steals money from victims by sending SMS messages without the user’s knowledge to premium-rate...

More Malware Using a Remote Payload Discovered on Google Play

Symantec is warning of new malware masquerading as two apps on Google Play that claimed up to 100,000 victims before the Trojan was removed. Both “Super Mario Bros.” and “GTA 3 Moscow City” racked up 50,000 to 100,000 downloads after being posted June 24 on Google Play. “What is most interesting...

Fraudulent Apps and Fake AV Found on Google Play

Researchers from the security firm AegisLab discovered more than 15 fake antivirus and free SMS applications on Google’s recently rebranded content market place, Google Play. The applications are redirecting users to a third party site run by the app’s developer. AegisLab researchers could not sa...

Race condition

Race condition in partmgr.sys in Windows Partition Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that makes multiple simultaneous Plug and Play PnP Configuration Manager...

CVE-2012-0178

CVE-2012-0178 affects Windows Partition Manager (partmgr.sys) and stems from a race condition in handling device-relations requests. A crafted application that issues multiple simultaneous Plug and Play (PnP) Configuration Manager calls could allow local users to gain kernel-mode privileges on Wi...

Fake Instagram App Could Cost Unsuspecting Android Users

Malware writers are taking advantage of the popularity of the Instagram photo application to distribute a form of malware that can send background SMS texts from Android devices. Instead of downloading the app from Android’s marketplace, Google Play, some users are being duped into downloading a...

Malicious Android Apps Target Users in Japan

Cybercriminals targeted Android users in Japan with a number of malware-laced Android apps designed to mimic and masquerade as popular games, according to researchers at Symantec. Symantec said it has detected 29 such applications originating from seven developer accounts. Common coding...

Android Video Malware found in Japanese Google Play Store

Android Video Malware found in Japanese Google Play Store A new Trojan has been found, and removed, from the Google Play/Android Market, McAfee reported on Friday afternoon. The post says applications carrying the Trojan promise, and in some cases deliver, trailers for upcoming video games or ani...

Legacy Native Malware in Angry Birds Space to pwn your Android !

Legacy Native Malware in Angry Birds Space to pwn your Android A new malware threatens phones and tablets running Google's OS by hiding inside a copy of the popular game. Researchers at the mobile security firm Lookout identified the reworked malware as Legacy Native LeNa, which poses as a...

Phony Temple Run Game For Android Plays On Android-iOS App Gap

Scammers are using the super-popular Temple Run game for iOS as bait to lure Android users into installing a phony version of the game on their phones. The incident comes amid reports of an explosion in traffic to mobile Web pages and application stores. Researchers at Trend Micro wrote on Monday...