permissions Archives

AppWizard

November 8, 2024

Godfather Is A Risk To Android Users Worldwide As 500 Apps Targeted

A new variant of the Godfather banking trojan is targeting over 500 Android banking and cryptocurrency applications globally. Initially focused in the U.S., U.K., and Europe, its reach has expanded to countries including Azerbaijan, Greece, Japan, and Singapore. The malware has transitioned from Java to native code, enhancing its ability to exploit Android’s accessibility services and mimic user actions through gesture automation commands. It employs social engineering tactics, such as a fraudulent website posing as the official MyGov site of the Australian Government, to distribute malicious files. Once installed, the malware communicates with a control server, collects device information, and replaces legitimate banking applications with phishing pages to steal credentials. The Godfather malware has become more difficult to analyze and poses a significant threat to users worldwide.

AppWizard

November 8, 2024

Timed Silence: An Open Source Android App to Automatically Silence Your Phone

Timed Silence is a Kotlin-based application for Android, created by Felix Nüsse, that manages smartphone volume settings, allowing users to mute, vibrate, or ring with sound. The app requires initial setup permissions and features an intuitive interface with a pause/play button. Users can create custom schedules, including pre-defined ones for "Night" and "Day." The app effectively activates Do Not Disturb (DND) at scheduled times, muting notifications while allowing calls and messages from specified contacts. Additional features include Calendar integration, Keywords for managing volume levels, Bluetooth compatibility, and a Sanity Check for priority contacts. The app is available on F-Droid, with source code and APKs on GitHub.

AppWizard

November 7, 2024

Uninstall these 12 Android apps that record your conversations

Twelve malicious Android applications have been identified that can take control of devices to record audio and perform other harmful activities. These apps include: 1. Rafaqat 2. Privee Talk 3. MeetMe 4. Let’s Chat 5. Quick Chat 6. Chit Chat 7. YohooTalk 8. TikTalk 9. Hello Cha 10. Nidus 11. GlowChat 12. Wave Chat The first six were available on the Google Play Store and were downloaded over 1,400 times before removal. Users are advised to uninstall these apps immediately and remain cautious about downloading unfamiliar applications or clicking on suspicious links.

AppWizard

November 7, 2024

Gmail ‘Suddenly’ Stops Working—New Warning As Google Update Goes Wrong

Pixel users are experiencing significant app malfunctions on Android 15, particularly with Gmail, due to issues stemming from a recent Google Play update. Many users report that their devices indicate "Google Play Services is not supported," rendering both first and third-party applications inoperative. Error messages related to Google Play Services being unavailable or outdated have been noted, and the problems may extend beyond Pixel devices. Users have attempted various troubleshooting steps, including factory resets, with mixed results. Some users are advised to opt out of the Google Play services beta and restart their devices, but this solution has not been universally effective.

AppWizard

November 6, 2024

ToxicPanda Malware Targets Banking Apps on Android Devices

A new Android malware named "ToxicPanda" was first identified in late October 2024 and has been reclassified as a unique entity after initial classification under the TgToxic family. It poses a risk through account takeover via on-device fraud and primarily targets retail banking applications on Android devices. The malware has spread significantly in Italy, Portugal, Spain, and various Latin American regions, with over 1,500 devices reported as victims. ToxicPanda allows cybercriminals to gain remote access to infected devices, intercept one-time passwords, and bypass two-factor authentication. The threat actors are likely Chinese speakers, which is unusual for targeting European banking. The malware spreads through social engineering tactics, encouraging users to side-load the malicious app, and exploits Android’s accessibility services for elevated permissions. Cleafy’s analysis indicates that ToxicPanda's command-and-control infrastructure shows evolving operational strategies, and the malware may undergo further modifications. The challenges for security professionals are increasing as malware operators refine their tactics and expand their targets. Cleafy noted that contemporary antivirus solutions have struggled to detect ToxicPanda due to a lack of proactive, real-time detection systems.

Tech Optimizer

November 5, 2024

Neon Authorize: Granular access controls at the database layer

Neon has launched Neon Authorize, a feature that enhances permission and access control management for developers using its serverless Postgres database. This feature incorporates Postgres Row-Level Security (RLS) to protect data from unauthorized access, allowing for the establishment of authorization policies at the database level. Recent findings from OWASP indicate that broken access control is a significant risk in web application security, with 94% of applications tested showing vulnerabilities. RLS enables database administrators to control user access at a granular level, making it particularly useful for multi-tenant applications. Neon Authorize simplifies the integration of authentication providers, allowing developers to authenticate database calls using JSON Web Tokens (JWT). Andy Young from Lockdown Ventures noted that adopting Neon Authorize improved security, simplified application code, and enhanced performance, with the migration process taking less than a day.

Winsage

November 4, 2024

Microsoft refreshes Windows Hello to make signing in with your face (or fingers) much more pleasant with Windows 11

Microsoft is updating its biometric authentication feature, Windows Hello, with a new Beta Channel preview build available to Windows Insider Program members. This update introduces a redesigned sign-in experience that aligns with the aesthetics of Windows 11 and aims to make the authentication process more intuitive. The Beta Channel Preview Build 22635.4440 (KB5045889) includes enhanced login options and permission management, along with various tweaks to improve the overall Windows 11 experience. Additionally, a new game controller keyboard feature has been temporarily disabled to address existing issues, with plans for its reintroduction in a future update. Feedback from Windows Insider members is being monitored during this testing phase.

AppWizard

November 1, 2024

Open Source App ‘Easy Watermark’ on Android Helps You Protect Your Images

Easy Watermark is an open-source application for Android developed in Kotlin by rosu, designed to simplify the watermarking process for images. It features a user-friendly interface that allows users to add text and emoji watermarks with ease. The app provides various editing options, including fonts, sizes, colors, and angles, as well as a single tile mode to prevent watermark duplication. Users can also add custom logos using the 'Icon' option. Easy Watermark can be installed from F-Droid or purchased on the Play Store, and its source code is available on GitHub.

AppWizard

October 31, 2024

New Android Spyware Warning—Do Not Install These Apps

Android users are being warned about a new variant of the FakeCall malware, which can intercept calls, live-stream device screens, and manipulate text messages and camera functions. This updated spyware prompts users to set it as the default call handler, granting it control over all calls. Users are advised not to designate unfamiliar apps as default call handlers, avoid sideloading apps, and ensure Play Protect is activated. The FakeCall app can redirect users to malicious lines that mimic legitimate banking interfaces, risking unauthorized access to sensitive information. Google is enhancing Play Protect to monitor apps from outside the Play Store and plans to introduce live threat detection in the upcoming Android 15 update. Zimperium offers resources to help identify FakeCall apps and encourages users to check their default call handler settings and permissions.

Winsage

October 30, 2024

Windows 11 Ctrl+Shift now works for Start, taskbar jump list. Smaller taskbar and more coming

Windows 11 has introduced a new keyboard shortcut, Shift+CTRL, allowing users to open selected applications with administrative privileges directly from the jump list. This feature extends the previous functionality, which was limited to app icons, enabling users to launch tasks as an administrator by holding down the Shift and CTRL keys while selecting an option from the jump list. Additionally, Microsoft is exploring smaller taskbar icons and a new functionality for dragging items from the Start menu to the taskbar for pinning. However, users still cannot reposition the taskbar to different sides of the screen.