QR Codes Found Sending Users to Site Containing Android Trojan

QR codes have been showing up everywhere in the last few months, from magazine ads to the sides of buses to, oddly, billboards. And now they’ve shown up on the list of ways that attackers are delivering malware to victims, with the emergence of a new Android-based Trojan that is hiding on malicious sites linked to by some QR codes.

With the use of social media platforms such as Twitter, Facebook and Google+ becoming more and more prevalent in the enterprise, companies are having to come to grips with additional security concerns that they bring with them. But, according to the results of a new survey of IT and security professionals, that process is still in its early stages in many companies.

Cisco has patched a string of serious vulnerabilities in its IOS networking software, including some that could be used for remote code execution, and also fixed flaws in some of its other products. In all, Cisco released 10 advisories, nine of which concerned IOS vulnerabilities.

Mozilla has released Firefox 7, the latest version of its flagship browser, which includes a number of security fixes and other improvements. The new version is being touted as the fastest yet and also includes a new feature meant to conserve memory on users’ PCs.

One of the biggest talks at this year’s Black Hat Briefings was a presentation on the structural problem with digital certificate authorities by Moxie Marlinspike. The subsequent hack of Dutch certificate authority DigiNotar and a damning report on that attack only weeks later, and more recent reports of exploitable holes in both TLS and SSL only underscore the problems facing the entire PKI-based system for ensuring online identities.  

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.