What is this Agent Smith? Is it related to Matrix?

Recently, a new virus known as Agent Smith has been found. It disguises itself as WhatsApp, Hotstar, JioTV, Flipkart, Opera Mini and other apps.

This attack has occurred mainly in India, Pakistan and other Asian countries. Nearly 25 million Android devices have been affected by this virus.

Agent Smith uses permissions which users blindly approve. The infected app modifies its name to something that looks more “authentic” like Google Updater or Google Themes or something else with Google in it.

It also starts injecting its code into other popular apps like WhatsApp and Flipkart. This code is then used to serve more ads to users.

Now the question arises: how do you detect this virus? Well, you can't detect it. But you can take precautions, such as downloading apps from the Google Play Store and glancing at the permissions an app is asking for. If you are updating an app, check the permissions again before updating.

I know lots of users install apps from third-party sources. After downloading the app, upload it to VirusTotal and scan it. There are 62-64 antivirus engines on this service that will detect whether the app is safe or not; based on that, you can decide whether to install it.
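The permission check described above can be scripted. This is an added example, not part of the original post: a Python script that reads the text printed by `aapt dump badging app.apk`, flags a "Google"-style label on a package outside Google's namespaces, and lists sensitive permissions that are new compared with the version already installed. The watch list, the label heuristic and the sample output are assumptions constructed for this example.

```python
import re

# Watch list picked for this example (an assumption, not an official classification).
SENSITIVE = {
    "android.permission.READ_SMS",
    "android.permission.READ_CONTACTS",
    "android.permission.READ_CALL_LOG",
    "android.permission.ACCESS_FINE_LOCATION",
    "android.permission.RECORD_AUDIO",
    "android.permission.REQUEST_INSTALL_PACKAGES",
}
PERM_RE = re.compile(r"^uses-permission(?:-sdk-23)?:\s*(?:name=)?'([^']+)'", re.M)

def parse_badging(text):
    """Pull package name, label and requested permissions out of badging text."""
    pkg = re.search(r"^package: name='([^']+)'", text, re.M)
    label = re.search(r"^application-label:'([^']*)'", text, re.M)
    return {"package": pkg.group(1) if pkg else "",
            "label": label.group(1) if label else "",
            "permissions": set(PERM_RE.findall(text))}

def review(new_text, old_text=None):
    """Return findings to read before installing (or updating, if old_text is given)."""
    new = parse_badging(new_text)
    findings = []
    # Heuristic (assumption): a "Google" label on a package outside Google's namespaces.
    if "google" in new["label"].lower() and not new["package"].startswith(
            ("com.google.", "com.android.")):
        findings.append(f"label '{new['label']}' does not match package {new['package']}")
    previous = parse_badging(old_text)["permissions"] if old_text else set()
    kind = "added in update" if old_text else "requested"
    for perm in sorted((new["permissions"] - previous) & SENSITIVE):
        findings.append(f"{kind}: {perm}")
    return findings

# Constructed sample badging output for an installed version and its update.
OLD = """package: name='com.example.torch' versionCode='3' versionName='1.2'
uses-permission: name='android.permission.CAMERA'
application-label:'Torch'
"""
NEW = """package: name='com.example.torch' versionCode='4' versionName='1.3'
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.REQUEST_INSTALL_PACKAGES'
uses-permission: name='android.permission.READ_SMS'
application-label:'Google Updater'
"""

if __name__ == "__main__":
    print("\n".join(review(NEW, OLD)))
```

An empty result only means nothing on the watch list changed; it does not show the app is safe.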

For more details visit this link

Are Android apps safe?

Many Android apps have been collecting your data, such as messages, calls, location, media, etc. There is a setting where you can block these permissions for apps. But is that sufficient?

Recently, some applications have been caught collecting information even though you deny these applications permission.

Researchers have reported these apps and bugs to Google. These bugs will be fixed once Android Q is rolled out. So until you receive the update from Google, turn off app permissions for the applications that do not need them.

For more details visit this link

CredSSP Flaw in Remote Desktop Protocol Affects All Versions of Windows

Hi Everyone,

A critical vulnerability has been discovered in the Credential Security Support Provider protocol (CredSSP) that affects all versions of Windows to date and could allow remote attackers to exploit RDP and WinRM to steal data and run malicious code.

This flaw was discovered by researchers at cybersecurity firm Preempt Security. The issue can be exploited through a man-in-the-middle attack by someone with Wi-Fi or physical access to the network.

How to defend yourself?

  1. Recommended: Patch workstations and servers using the available updates from Microsoft.
  2. It would be better if the use of privileged accounts is decreased.

For more details click here