Android users are victims of an ad scam, thanks to social media no hidden soldiers here and Israel’s national cyber security hotline.
Welcome to Cyber Security Today. It’s Monday February 25th. To hear the podcast click on the arrow below:
Is your Android device slowing down, eating up the battery more than usual? Maybe it’s been infected with advertising malware. Oracle says it’s discovered a major mobile ad fraud operation distributed through infected apps. These apps can eat up more than 10 Gigabytes of data a month by downloading hidden and unseen video ads. You get stung with data overage charges. The criminal developer gets cash by having the app report to legitimate ad sites that the ads have been seen. Infected Android apps or games include Perfect365, VertexClub, Draw Clash of Clans, Touch ‘n’ Beat – Cinema, and Solitaire: 4 Seasons. These and other infected apps have been downloaded more than 10 million times.
As with any app you download, be careful. What’s the reputation of the developer? Has the app been reviewed? Do the reviews look genuine or written by fans? Before you download does the site say what permissions the app asks for? When you’re installing an app, be cautious if it asks for background data permissions. As for apps you’ve already installed, go into Settings, Data Usage, and then App Data Usage. See how much data is being used in a background state. If an app is using what you feel is too much, either delete it or restrict it.
Here’s an idea worth thinking about: Israel has created a hotline for citizens to call if they have computer security problems. All they have to do is dial 119. An extension of the country’s Computer Emergency Response Team, the service is staffed by students of Ben-Gurion University of the Negev. After launching in January the line gets 200 calls per day, according to the Times of Israel. One advantage, says an organizer, is the line acts as an early warning sensor for a major attack.
Know who doesn’t understand that social media can be dangerous? The military. A NATO computer testing team recently discovered it could find a lot of sensitive information from reading and infiltrating the Facebook and Instagram accounts of soldiers, sailors and airmen taking part in a military exercise. According to the Military Times, testers could identify all members of certain units, pinpoint the exact location of several battalions and figure out troop movements. And, in unspecified ways, they were able to get soldiers to do things like leave their positions.
Russia, apparently gets it. Foreign Policy magazine reports the country recently passed a law forbidding military personnel from posting photographs, video, and geolocation data on the Internet. However, one expert quoted doubts the law will have much impact. Just like troops everywhere, he said, Russian soldiers are largely millennials who love their social media.
In update news, those of you running Windows Server should install the latest update as soon as possible. Microsoft has acknowledged that a server running Internet Information Services, or IIS, could be tricked into launching a distributed denial of service attack. After installing the update an administrator has to define an IIS setting. And network administrators should be aware that Cisco Systems has released a number of security updates, some of which are rated high severity. Also, there’s a new update for those of you using Adobe Acrobat and Adobe Reader.
As always there are links to more details on these stories in the text version of this podcast at ITWorldCanada.com.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon