Android Security is a Hot Mess (yet Again)

Google’s Android smartphone platform is under fire again. Hundreds of “legitimate” apps have been infected with malicious third-party libraries—and not for the first time. These apps account for more than 320 million downloads.

The so-called SimBad and Operation Sheep SDKs are malicious, according to researchers. They’re able to phish, steal data and pop up ads over other apps.

Google keeps talking a grand talk, but is it proactive enough about nuking malware in the Play Store? In today’s SB Blogwatch, we avoid an Android army ambush.


Read more: securityboulevard.com/2019/03/android-security-is-a-hot-mess-yet-again

30 years into the web, Sir Tim vents on scams, hacks and hate

Sir Tim Berners-Lee has been painting a slightly depressing picture of the web’s problems. But his recent open letter also celebrates the web’s extraordinary achievements.

So happy birthday, World Wide Web. It was 30 years ago when Sir Tim formally proposed Mesh, or Mine, or what we now know as the web.

As he super-tweeted in the 2012 Olympic Games, this is for everyone. But not everyone is on board the TBL-fanboi bus. In this week’s Security Blogwatch, we spin sticky silk.


Read more: techbeacon.com/security/30-years-web-sir-tim-vents-scams-hacks-hate

Citrix Systems Breached ‘for 10 Years by Iran,’ Claims Unknown Infosec Firm

Citrix Systems’ networks were infested with hackers, who stole terabytes of data. So says a security service provider nobody’s heard of—and that seems to have popped out of nowhere.

It was Iran, alleges the dubitable company. And so the mainstream media rush to parrot the unfound finding. But where’s the evidence?

Neither Citrix nor the FBI are saying. In today’s SB Blogwatch, we feel like useful idiots.


Read more: securityboulevard.com/2019/03/citrix-systems-breached-for-10-years-by-iran-claims-unknown-infosec-firm