About one month ago, we (Claud Xiao and me) found the first Bootkit Trojan on the Android platform in the worldwide — Oldboot.A.
Recently, we have seized a new variant of the Oldboot family — Oldboot.B. It can delete its file in the file system to hide itself, inject malicious modules into critical system process, prevent Apps from uninstalling and uninstall/disable mobile Anti-Virus software. Most ELF binaries of the Oldboot.B have their executable code and strings encrypted.
I'm interested in online resources that I can use to help me guide them.
1. Hire someone for him to train, thus establishing a check against wrongdoing.
2. Remove domain administrator rights. He is a coder, not a network administrator.
3. Consider adopting updated IMS technology, which does not require a single point of failure that cannot be audited.
I could be wrong about this, but hopefully someone will chime in if that is the case.
ProTip : Try chopin' and changing the XML attributes that use the @string/app_name(android:label, android:name, android:description etc.) resource.
Apple Fixes Serious SSL Issue in OSX and iOS | Threatpost | The first st...
Apple Security Update 2014-002 fixes serious SSL vulnerabilities in OSX Mavericks and iOS 7.1.1.
Rich Chinese hire American surrogate mothers for up to $120,000 a child
Wealthy Chinese are hiring American women to serve as surrogates for their children, creating a small but growing business in $120,000 "desi
Verizon DBIR 2014: Incident patterns show industry-specific threats
The Verizon DBIR 2014 relies on incident patterns to show that not every organization needs to worry about every threat, but instead about i
Time to Crowdfund Open Source Security? | Application Security News, Res...
Will crowd funding bug bounties for OpenSSL solve its security problems? Probably not. crowfund-openssl-bug-bounty. For years, security expe
Prominent Ed-Tech Players' Data-Privacy Policies Attract Scrutiny
A review of the data-privacy policies of Edmodo, Khan Academy, and Pearson—which have access to information about tens of millions of studen
American Funds advises password changes, cites 'Heartbleed' risk
American Funds, one of the largest U.S. mutual funds families, sent an email to 825,000 shareholders on Wednesday, advising them to change t
More Fuji vs Canon Lenses - 85mm F1.2 vs 56mm F1.2 - Ottawa Wedding Phot...
Comparing Fuji 56mm F1.2 with the Canon 85mm F1.2
Google Online Security Blog: Google Services Updated to Address OpenSSL ...
Wednesday, April 9, 2014 9:58 AM. Posted by Matthew O'Connor, Product Manager You may have heard of “Heartbleed,” a flaw in OpenSSL that cou
Android 4.1.1 devices impacted by Heartbleed bug, reveals Google
Google has revealed that the devices running on Android 4.1.1 are impacted the Heartbleed bug, which has been the talk of the town for the l
Princeton Tax Day Penny Poll Postponed to April 16 | Planet Princeton
The Princeton-based Coalition for Peace Action will conduct its annual “Penny Poll” on federal spending priorities the day after this year's
Forget creepers: 'Heartbleed' security flaw is the greatest threat to mi...
The millions of people who play Minecraft should change their passwords as soon as possible. Minecraft developer Mojang's web servers were a