11-24-2020, 08:08 AM
Another 'Minecraft' lesson for kids: Beware of deceitful adware apps
https://www.cyberscoop.com/minecraft-mod...kaspersky/This time we can really say this is malware in the traditional sense at all. Actually it's about nuisance adware. The sample we examined automatically opened a browser window with ads every two minutes, greatly interfering with normal smartphone use.
Kaspersky’s Igor Golovin Wrote:Because the ‘modpack’ seemed glitchy from the start, most users, especially kids and teens, won’t waste time looking for it. They may even forget it and not bother trying to remove it. Unbeknownst to the user, however, the app remains on the smartphone — and not merely there, but hard at work.
So far Kaspersky claims they can be removed and they won't try to reinstall them or hide among the system files. You can identify them thanks to their lame descriptions and the excess of 5 and 1 stars reviews on their profiles.
Apple's anti-advertising privacy features
It claims Facebook doesn't care about user privacy
https://www.cyberscoop.com/apple-apps-ad...-facebook/Apple affirmed Thursday that its mobile operating system will soon get a new privacy feature opposed by the advertising industry, and it specifically called out Facebook for showing a “disregard for user privacy.”
CyberScoop Wrote:ATT essentially will block iOS apps from tracking the use of other apps on a device. The goal is to limit the information that advertising networks collect about Apple device users.
The current behavior allows apps to share too much data with third parties and even lets them resell them at will. They don't inform you about what they are currently doing with it or who received it at any given point.
The Whole US Congress passes Internet of Things cybersecurity bill
https://www.cyberscoop.com/congress-iot-...ntractors/The legislation supported by members of both parties is aimed at enhancing the safeguards of internet-connected devices such as smart sensors that monitor water quality or control ships in waterway locks.
This new law promotes the disclosure of vulnerabilities by coordinating with private cyber security companies or groups.
Here's a summary of what it has changed so far.
CyberScoop Wrote:the Commerce Department’s National Institute of Standards and Technology establishes a baseline security requirements for any IoT manufacturer that wishes to contract with the federal government, in areas such as patching or identity management. The bill also would require contractors to implement vulnerability disclosure policies.
They compared this with the EnergyStar rating but instead of making machines not to waste electricity, they'll focus on security standards. At some point all companies should be encouraged to apply them whether or not they work with or supply anything to the government. Others think those not interested in dealing with the US government won't care about that and still provide buggy software or hardware.
In the Linux world it's quite common to share flaws they've found with pretty much anybody interested in fixing them or suggesting ways to improve its performance, etc. Now companies should be able to easily find some group they can trust to help them find bugs that otherwise would compromise your phones or tablets or phablets or brick them just because. Even if a company is expected to rely on their own programmers and cyber security advisers to minimize the risks, there's always something that goes wrong or a third party entity plays with it as a simple test to see if they can recommend the product or buy tons of them and notices how flawed it is. Now they should work closely with white hat hackers to prevent dangerous hackers and crackers from stealing your data. How they will make this happen? Time will tell, especially since every company is free to hire any group's services at will.
Anyway this is a complement for other laws like the once that promotes threat sharing information between government and industry.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE