I'll bet A/V detects this... BUT, I'll also bet it's rare to find AV running on the 'droids :-)
Mike B From: Dan Kaminsky [mailto:[email protected]] Sent: Saturday, May 05, 2012 11:08 PM To: Blanchard, Michael (InfoSec) Cc: [email protected] <[email protected]>; [email protected] <[email protected]> Subject: Re: [funsec] Seriously? So what's your bet on whether AV detects it? On Sat, May 5, 2012 at 7:40 PM, <[email protected]<mailto:[email protected]>> wrote: I LOVE stuff like this.... Just because of the "security professionals" that come running out of the woodwork to us asking us "... Hey you see this new thing?!?! It's totaly OH-day and I'll bet A/V doesn't detect it too!!..." I use it as a gauge of how much those folks actually know, and try to avoid them in the future.... It really sucks when it's folks that work with you too! Used to happen in another gig years ago... Would never happen where I a now! LOL Mike B ----- Original Message ----- From: Jeffrey Walton [mailto:[email protected]<mailto:[email protected]>] Sent: Saturday, May 05, 2012 03:18 PM To: FunSec List <[email protected]<mailto:[email protected]>> Subject: [funsec] Seriously? Seriously? The "new threat of user-initiated drive by downloads"? =============================================== Don’t Install Android Security Updates While Browsing the Web, http://www.gottabemobile.com/2012/05/04/dont-install-android-security-updates-while-browsing-the-web/ Surfing the web on Android is relatively safe, but a new threat tricks users into installing a trojan that calls itself a security update. Symantec discovered the Android.Notcompatible threat this week, calling attention to the new threat of user-initiated drive by downloads. Malware is a problem on Android smartphones, but it is typically reserved for infected fake games and apps found on third-party marketplaces. This new attack can happen on any infected webpage, and relies on tricking the user into installing the malware. ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
