THE MAVERICK BLOG

Cyber threat intelligence & musings on emerging threats

New Critical Android Crypto Vulnerability – 05Jul13

Security research firm Bluebox Labs will unveil a critical security vulnerability in Android devices at this year’s Blackhat Security Conference. The vulnerability exists in Android’s security model where the malware can be inserted without breaking the legitimate cryptographic signature…

New Android Malware Set For July 4th Release

A new Android Trojan has been embedded in a pirated copy of an exclusive app from rapper Jay Z. The legitimate app has been released exclusively for Samsung devices on Google Play. The fake malware version of the app appears to function identically to the legit app. But the malwa…

Ubisoft Uplay Website Hacked

Ubisoft announced on July 2, 1013 that their Uplay website was exploited to gain unauthorized access to some of their online systems. The Uplay website is used by customers for online services platform where the customers can obtain content, awards and exclusive services for the games and software…

Apple Hotspot Default Password Risk – 21Jun13

MAVERICK CYBER ALERT > WHAT IT IS: Security researchers recently discovered that the default password set the hotspot feature of Apple iOS devices is trivially easy to hack. This is because the default password set is very small. In most cases, the passwords can be cracked in <30...

Why Encryption Matters More Than Ever – 09Jun13

Recent events in the news have reminded us that our information is neither private nor safe online. If it is not under attack by hackers, competitors, and opportunists, it is being mined, examined, parsed, and used against us by our own government. Strong encryption can help keep your data sa…

Understanding Non-persistence – 08Jun13

Why does Maverick recommend using non-persistent (live) operating systems to mobile and high-risk clients? Simple. Non-persistent Operating Systems (OS) do not stay embedded on your laptop or desktop hard drive. They run live in memory, and only while you are running them. …

SQL Injection Attacks & Countermeasures

SUMMARY SQL Injection attacks remain a significant threat to enterprises. While SQL Injection countermeasures are a necessity, they are – unfortunately – not a single fix or even effective in a single application. SQL countermeasures must be consistently applied and teste…