Security researchers at Trend Micro have released third quarter 2012 security round up report which explains about Zero day attacks, Phishing, Mobile Malware & Spam. Malware targeting Android is the key highlight of the report. The Report says that, “Android under Siege: Popularity comes at a price.”
According to the report, it is clear that threats on various platforms are on the rise and we need to take strong measures to mitigate the same.
Key Highlights of the Report
- The number of malicious Android apps continued to increase. Also, a significant rise is seen in the number of aggressive mobile adware.
- At the end of day, all mobile applications are essentially web clients and they are as unsecure as internet browsers and that’s how you should treat them.
- Zero-day exploits again reared their ugly heads this quarter, Security researchers saw 1,822 critical vulnerabilities, which put a lot of organizations and company data at risk.
- ZeroAccess malware, which have the ability to patch system files, rose in rank from third place in the second quarter to first place this quarter. More than 900,000 ZeroAccess malware detections to date were recorded.
- Paypal, Ebay, Battle.net, AOL & Runescape are top 5 Phishing targets.
- Despite the fact that billions of people use various social media sites, related privacy issues remain. Only 50% of Facebook users check their privacy settings every 2–3 months. They aren’t likely to change their settings that often though.
Workaround and Mitigation
- Don’t give enough privilege/permission to suspicious, untrusted and doubtful Applications on Android platform. It is always recommended to install trusted applications.
- Android users should always check for user reviews and ratings before downloading any application and Install a popular mobile security solution.
- We have already written about detection and prevention on Phishing scams. Read the Article.
- Never download and install cracked and pirated application on you PC, doing this may expose your PC to known and unknown vulnerability.
- Always update your Anti-virus solution on regular basis.
- Keep changing your login password on social networks at regular basis. Also, it is recommended to give a review on the privacy settings after every 30 days.
- Never click on any suspicious and untrusted links doesn’t matter what it claims. Also, whenever you get such links, spread awareness about the same in your network.
- If any zero day vulnerability is found on a particular application, stop using the application until patch is released by vendor. If it is not possible then you should apply temporary workarounds to be safe.