Last week, we talked about the OBAD Android malware, which installed itself as an administrator on the device and used a vulnerability in Android to hide this fact from the user. One effect of this particular behavior was to make removal of this threat very difficult. Apps that have set themselves up as administrators require [...]

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Detecting Hidden Administrator Apps on Your Mobile Device

About two weeks ago, Oracle published a blog post describing – and promising – to improve the security of Java. Since then, I’ve been asked a few times: what exactly did they say, and what does it mean for end users? First, Oracle talked about how they’re now handling security patches. They pointed out how [...]

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Oracle Improves Java Security – What It Means For End Users

At the end of May, two Google security engineers announced Mountain View’s new policy regarding zero-day bugs and disclosure. They strongly suggested that information about zero-day exploits currently in the wild should be released no more than seven days after the vendor has been notified. Ideally, the notification or patch should come from the vendor, [...]

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Vulnerability Disclosure – Open or Private?