Researcher Jon Oberheide explains on his blog how users can be tricked into installing apps on their Android phones — through an XSS vulnerability! This tops of the last weeks fuzz about Android security.
On Saturday, the Google mobile team blogged about how they would deal with the malware spread through their Android Market — the same day they confirmed that there were 58 different malicious apps that had been downloaded onto around 260,000 Android devices.
At the beginning of February I blogged about the dangers rising from the Android market's web driven installation routine. Oberheide now showed one scalable way to take advantage of the market store. Others remain.
Disclaimer
Subscribe to:
Post Comments (Atom)
Copyright notice
Read other popular posts
-
I guess it was long overdue for me to follow up on my Hardening Windows Server 2003 SSL/TLS configuration and Windows server 2003 vs 20... -
I just ran into a weird problem while creating a bootable USB-stick, it was impossible to do a full copy of the files from an .iso. I tried...
-
Yesterday I was playing around with the validateIntegratedModeConfiguration="true" setting on IIS 7.5. To my surprise I got an ... -
Visual Studio Online looks pretty cool so I’ve decided that I'll use it for the next NWebsec release. The project setup was relatively... -
Security headers in an HTTP response There are many things to consider when securing a web application but a definite "quick win&qu... -
The release of Firesheep a week ago brought a lot of attention to a problem that has been known for many, many years: cookies sent over both...
-
Though Windows Server 2003 has been around for a while, we'll still see them around the Internet for many years to come. Despite their u...
-
I just found out that Terminal services manager does not exist in Windows 7. But fear not, the Remote Desktop Services Manager will do the ... -
There are several ways to figure out the SSL/TLS configuration of a webserver. If you're dealing with an Internet facing server, the qu... -
OWASP recently released their Top Ten 2013 list of web application vulnerabilities. If you compare the list to the 2010 version you’ll see t...
louis vuitton outlet
ReplyDeletenike running
vans shoes
oakley store
ray ban sunglasses
oakley canada
ralph lauren outlet
chaussures christian louboutin
borse louis vuitton
mlb jerseys
chenlina20170421
20170518 leilei3915
ReplyDeleteyeezy boost
canada goose jackets
christian louboutin uk
polo outlet
kate spade handbags
longchamp outlet
coach outlet store online
fitflops sale
fred perry outlet
coach factory outlet
this is very helpful post.thanks for sharing : usefull site
ReplyDeleteDownload sprint family locator app for android!
ReplyDeleteugg shoes
ReplyDeletecanada goose jackets
coach outlet store
kate spade handbags
adidas shoes
jordan retro
kate spade outlet store
coach outlet store
nike air max
coach factory outlet
12.09linpingping