Malware Could Be Using Legitimate Signature Certificates

When it comes to installing software on your computer, we often have to take it on faith that the software is safe to use. As an extra precaution, the latest step is to allow companies to use “certificates”, digital signatures that show that a trusted company created the software. A group known for creating malware may have found a way around this system though as some of their nasty programs are using legitimate signature certificates.

By using legitimate signature certificates your computer trusts the software and installs it without further hassle, the problem being that the software is less than safe and, in fact, is just malware (or malicious software). According to Symantec, the group known as Suckfly has used no less than nine different singing certificates from nine different companies since 2014.

Categorising the found malware into groups, Symantec found that 11 of the identified tools could be used for backdooring into your system. While others could be used to log and find out your information, some even checked your network traffic to find out what could be used to access your system through port scanning software.

With so many certificates being stolen and used for signing malware, and it becoming a common practise amongst malware creators, could we see the need for another way of finding and checking software is legitimate if these techniques are so easily bypassed?

 

3D Printed Milk Lids Reveal Bad Milk

Milk. Some love it, some dislike it. We are told from a young age that calcium makes our bones strong and we are often told to have more. The experience can be a little daunting though for those unfortunate souls who have poured themselves a glass or over their favourite cereals only to have a foul taste and smell emanate from the white liquid they poured out (if it’s still a liquid).

This may be preventable through with the creation of the “smart lid”, a device that is hidden in plain sight. In fact, in the lid you place atop your milk. The device was created by researchers at the University of California and the National Chiao Tung University in Taiwan and aims to help people detect the quality of their milk before they open the bottle.

The lid detects changes within the milk which demonstrate that it’s going off, such as the presence of bacteria and can transmit these details wirelessly to devices such as smartphones and tablets. The resonant chips built inside the 3D printed caps means the caps don’t require a giant battery built in and can allow for low price monitoring and tracking of milk and possibly other foods.

Imagine going to the store and checking with your phone if the milk you just placed in the basket is good or if that sell by date was a really bad estimate for when it would go off.

Thank you Entrepreneur for providing us with this information.

New Android App Can Detect Stingray Cell Phone Trackers

Stingray cell phone trackers, also known as IMSI catchers, are subject to a lot of debate. We’ve recently seen the story about US Marshals using these devices attached to planes, and that is far from the only place such devices are used for collecting data from people without their knowledge.

These trackers have been in use for about two decades and work by simulating to be a cell phone tower and trick mobile devices to connect to them that way. This might be a really convenient way for the law enforcement to monitor an area, but at the same time innocent people’s privacy is violated on a much bigger level.

There is no way to prevent this hijacking of your signal, but you can now detect those towers. That is if you have an Android phone that is using a Qualcomm chipset and is rooted. The new app that can detect these Stingray Cell Phone Trackers is called SnoopSnitch and it is free in the Google Play store.

“SnoopSnitch collects and analyzes mobile radio data to make you aware of your mobile network security and to warn you about threats like fake base stations (IMSI catchers), user tracking and over-the-air updates.” said German security researchers Alex Senier, Karsten Nohl, and Tobias Engel who created the app.

Images courtesy of Google Play Store