CamuBot malware, SonarSnoop hacking, and government backdoors

CamuBot malware, SonarSnoop hacking, and chat backdoors

Taylor Armerding, Synopsys Software Integrity Group senior strategist, gives you the scoop on application security and insecurity in this week’s Security Mashup.

CamuBot malware is the new kid on the block, the sounds of hacking (SonarSnoop), and back to the government’s wish for chat backdoors. Watch this week’s episode below.

‘CamuBot’ banking malware ups the Trojan game with biometric bypass

via Tom Spring, Threatpost: Banking malware variants are created to hide. The longer they remain in your system undetected, the more credentials and account information they can steal, which attackers use to plunder your savings and investments. But the newest thief on the block, as several outlets have reported this past week, doesn’t try to hide. Instead, CamuBot malware relies on camouflage. Watch this segment to learn why it’s trending in security.

SonarSnoop attack can steal smartphone unlock patterns

via Catalin Cimpanu, ZDNet: For some time now, the good guys have been touting biometrics as a good way to improve the security of our devices. So it shouldn’t be a surprise that the bad guys are interested in using biometrics to undermine security. Fortunately, an acoustic side-channel attack labeled SonarSnoop aimed at stealing the unlock patterns from Android devices has been reported by some good guys—researchers from universities in the U.K. and Sweden. Watch this segment to learn why this story is trending.

US and UK governments seek mandatory ‘backdoors’ in chat apps

via Hannah Boland, The Telegraph: The battle between tech companies and law enforcement over encryption has been going on for some time now. Law enforcement officials say they support encryption and respect for personal privacy—except when it comes to criminals and terrorists. They say they can’t do their jobs and keep us all safe if they are blinded by encryption. But they claim that mandatory chat backdoors will help. Discover why this segment is trending when you watch it.

Stay up-to-date on the latest security news.

Subscribe to the blog today!

*** This is a Security Bloggers Network syndicated blog from Software Integrity authored by Taylor Armerding. Read the original post at: