Latest News Latest News

Latest Microsoft Update Patches New Windows 0-Day Under Active Attack

With its latest and last Patch Tuesday for 2019, Microsoft is warning billions of its users of a new Windows zero-day vulnerability that attackers are actively exploiting in the wild in combination with a Chrome exploit to take remote control over vulnerable computers.

Read More...

Snatch Ransomware Reboots Windows in Safe Mode to Bypass Antivirus

Cybersecurity researchers have spotted a new variant of the Snatch ransomware that first reboots infected Windows computers into Safe Mode and only then encrypts victims' files to avoid antivirus detection.

Read More...

Avast and AVG Browser Extensions Spying On Chrome and Firefox Users

If your Firefox or Chrome browser has any of the below-listed four extensions offered by Avast and its subsidiary AVG installed, you should disable or remove them as soon as possible; Avast Online Security, AVG Online Security,Avast SafePrice and AVG SafePrice.

Read More...

Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data

Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts.

Read More...

First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild

Cybersecurity researchers have spotted a new cyberattack that is believed to be the very first but an amateur attempt to weaponize the infamous BlueKeep RDP vulnerability in the wild to mass compromise vulnerable systems for cryptocurrency mining.

Read More...

Mysterious malware that re-installs itself infected over 45,000 Android Phones

Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices.

Read More...

New PHP Flaw Could Let Attackers Hack Sites Running On Nginx Servers

If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely.

Read More...

Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild

Cyber security researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already compromised system stealthily.

Read More...

Attention Linux Users!

A new vulnerability has been discovered in Sudo—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system.

Read More...

Apple iTunes and iCloud for Windows 0-Day Exploited in Ransomware Attacks

The cyber criminal group behind BitPaymer and iEncrypt ransomware attacks has been found exploiting a zero-day vulnerability affecting a little-known component that comes bundled with Apple's iTunes and iCloud software for Windows to evade antivirus detection.

Read More...

Most Viewed News Most Viewed News

Back

Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data

Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts.

In a blog post published yesterday, Twitter revealed that an SDK developed by OneAudience contains a privacy-violating component which may have passed some of its users' personal data to the OneAudience servers.

Following Twitter's disclosure, Facebook today released a statement revealing that an SDK from another company, Mobiburn, is also under investigation for a similar malicious activity that might have exposed its users connected with certain Android apps to data collection firms.

Both OneAudience and Mobiburn are data monetization services that pay developers to integrate their SDKs into the apps, which then collect users' behavioral data and then use it with advertisers for targeted marketing.

In general, third-party software development kits used for advertisement purposes are not supposed to have access to your personally identifiable information, account password, or secret access tokens generated during 'Login with Facebook' or 'Login with Twitter' process.

However, reportedly, both malicious SDKs contain the ability to stealthy and unauthorizedly harvest this personal data, which you otherwise had only authorized app developers to access from your Twitter or Facebook accounts.

"This issue is not due to a vulnerability in Twitter's software, but rather the lack of isolation between SDKs within an application," Twitter clarified while revealing about the data collection incident.

So, the range of exposed data is based upon the level of access affected users had provided while connecting their social media accounts to the vulnerable apps.

This data usually includes users' email addresses, usernames, photos, tweets, as well as secret access tokens that could have been misused to take control of your connected social media accounts.

"While we have no evidence to suggest that this was used to take control of a Twitter account, it is possible that a person could do so," Twitter said.

"We have evidence that this SDK was used to access people's personal data for at least some Twitter account holders using Android; however, we have no evidence that the iOS version of this malicious SDK targeted people who use Twitter for iOS."

Twitter has also informed Google and Apple about the malicious SDKs and suggested users to simply avoid downloading apps from third-party app stores and periodically review authorized apps.

Meanwhile, in a statement provided to CNBC, Facebook confirmed that it had already removed the apps from its platform for violating its policies and issued cease and desist letters against both One Audience and Mobiburn.

"Security researchers recently notified us about two bad actors, One Audience and Mobiburn, who were paying developers to use malicious software developer kits (SDKs) in a number of apps available in popular app stores," Facebook said.

In response to this, OneAudience announced to shut down its SDK and also provided a statement saying, "this data was never intended to be collected, never added to our database and never used."

"We proactively updated our SDK to make sure that this information could not be collected on November 13, 2019. We then pushed the new version of the SDK to our developer partners and required that they update to this new version," OneAudience said.

Both social media companies are now planning to shortly inform their users who may have been impacted by this issue.


Values Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving