Image
Featured on Google Play Home Page, Android Police, Yahoo News, CNET, Android Central, Droid-Life and more. AZ Screen Recorder  is the best app to record the screen of your Lollipop. It does NOT require root access,  no time limit , no watermark, ad free and very easy to use with one action to start and stop recording. This screen recording app will let you make beautiful screencast videos by providing every feature that you need in a simple and elegant user experience design. AZ screen recorder lets you record your screen to HD and FullHD videos and it is the only screencast app in the Android market that can be paused and resumed while recording. You can also record audio from the mic and it is automatically muxed into the screencast videos. That makes it very convenient to create tutorial, promotional video, comment about your game and gameplay or record video chat.
Post a Comment

Stagefright New Android Virus .(Read it CareFully) Otherwise it will send your SMS MMS and Any Chat to Hacker


In July 2015, security company Zimperium announced that it had discovered a "unicorn" of a vulnerability inside the Android operating system. More details were publicly disclosed at the BlackHat conference in early August — but not before headlines declaring that nearly a billion Android devices could potentially be taken over without their users even knowing it.
So what is "Stagefright"? And do you need to worry about it?
We're continuously updating this post as more information is released. Here's what we know, and what you need to know.

What is Stagefright?

"Stagefright" is the nickname given to a potential exploit that lives fairly deep inside the Android operating system itself. The gist is that a video sent via MMS (text message) could be theoretically used as an avenue of attack through the libStageFright mechanism (thus the "Stagefright" name), which helps Android process video files
. Many text messaging apps — Google's Hangouts app was specifically mentioned — automatically process that video so it's ready for viewing as soon as you open the message, and so the attack theoretically could happen without you even knowing it.
Because libStageFright dates back to Android 2.2, hundreds of millions of phones contain this flawed library.

Aug. 17-18: Exploits remain?

Just as Google began rolling out updates for its Nexus line, the Exodus firm published a blog post snarkily saying that at least one exploit remained unpatched, implying that Google screwed up with the code. UK publication The Register, in a flouncily written piece, quotes an engineer from Rapid7 as saying the next fix will come in September's security update — part of the new monthly security patching process.
Google, for its part, has yet to publicly address this latest claim.
In the absence of any further details for this one, we're inclined to believe that at worse we're back where we started — that there are flaws in libStageFight, but that there are other layers of security that should mitigate the possibility of devices actually being exploited.
One Aug. 18. Trend Micro published a blog post on another flaw in libStageFright. It said it had no evidence of this exploit actually being used, and that Google published the patch to the Android Open Source Project on Aug. 1.

New Stagefright details as of Aug. 5

In conjunction with the BlackHat conference in Las Vegas — at which more details of the Stagefright vulnerability were publicly disclosed — Google addressed the situation specifically, with lead engineer for Android security Adrian Ludwig telling NPR that "currently, 90 percent of Android devices have a technology called ASLR enabled, which protects users from the issue."
This is very much at odds with the "900 million Android devices are vulnerable" line we have all read. While we aren't going to get into the midst of a war of words and pedantry over the numbers, what Ludwig was saying is that devices running Android 4.0 or higher — that's about 95 percent of all active devices with Google services — have protection against a buffer overflow attack built in.
ASLR (Address Space Layout Randomization) is a method that keeps an attacker from reliably finding the function he or she wants to try and exploit by random arrangement of memory address spaces of a process. ASLR has been enabled in the default Linux Kernel since June 2005, and was added to Android with Version 4.0 (Ice Cream Sandwich).
How's that for a mouthful?
What it means is that the key areas of a program or service that's running aren't put into the same place in RAM every time. Putting things into memory at random means any attacker has to guess where to look for the data they want to exploit.
This isn't a perfect fix, and while a general protection mechanism is good, we still need direct patches against known exploits when they arise. Google, Samsung (1), (2) and Alcatel have announced a direct patch for stagefright, and Sony, HTC and LG say they will be releasing update patches in August.

Who found this exploit?

The exploit was announced July 21 by mobile security firm Zimperium as part of an announcement for its annual party at the BlackHat conference. Yes, you read that right. This "Mother of all Android Vulnerabilities," as Zimperium puts it, was announced July 21 (a week before anyone decided to care, apparently), and just a few words the even bigger bombshell of "On the evening of August 6th, Zimperium will rock the Vegas party scene!" And you know it's going to be a rager because it's "our annual Vegas party for our favorite ninjas," completely with a rockin' hashtag and everything.

How widespread is this exploit?

Again, the number of devices with the flaw in the libStageFright library itself is pretty huge, because it's in the OS itself. But as noted by Google a number of times, there are other methods in place that should protect your device. Think of it as security in layers.

here is the more detail from wikipedia.org about the virus

https://en.wikipedia.org/wiki/Stagefright_(bug)

Stagefight detector apps

We don't really see the point in using a "detector" app to see if your phone is vulnerable to the Stagefright exploit. But if you must, there are some available.
  • Lookout Mobile Stagefright Detector
  • Zimperium Stagefright Detector
  • Stagefright is believed to be the worst Android vulnerability yet discovered. All devices running Android versions Froyo 2.2 to Lollipop 5.1.1 are affected, which are used by approximately 95% of all Android devices, by nearly 1 billion people. Hackers only need to know your phone number to infect your device.
    The malware is delivered via a multimedia message (MMS) sent to any messenger app that can process a specific video format - like an Android device’s native messaging app, Google Hangouts and WhatsApp.
    If you want to learn more about this issue, please visit Avast blog.
    The most common Android messaging apps load videos automatically. You can protect yourself by disabling the Auto retrieve feature in your default messaging app, so that videos cannot be loaded in the background and infect your device.
    Instructions for the most common messaging apps can be found in the following articles:
    • Instruction for Messages app
    • Instruction for Google Hangouts app
    • Instruction for Messenger app
    • Instruction for Messaging app
    • Instruction for WhatsApp
    Instruction for Messages app
    1. Open the Messages app and click on the three dots icon in the upper-right corner.
    2. Click on Settings in the dropdown menu.
    3. Click on Multimedia messages.
    4. Uncheck Auto retrieve.
    5. Double-check if your Messages settings look like this:
    Instruction for Google Hangouts app
    1. Open the Google Hangouts app and click on the three lines in the upper-left corner.
    2. Click on Settings.
    3. Click on SMS.
    4. Scroll down to Advanced and uncheck Auto retrieve MMS.
    5. Double-check if your Google Hangouts SMS settings look like this:
    Instruction for Messenger app
    1. Open the Messenger app and click on the three dots in the upper-right corner.
    2. Click on Settings in the dropdown menu.
    3. Click on Advanced.
    4. Uncheck Auto retrieve.
    5. Double-check if your Messenger Advanced settings look like this:
    Instruction for Messaging app
    1. Open the Messaging app and click on the three dots in the lower-right corner.
    2. Click on Settings.
    3. Scroll down to Multimedia (MMS) messages and uncheck Auto retrieve MMS.
    4. Double-check if your Messaging settings look like this:
    WhatsApp
    1. Open WhatsApp and click on the three dots in the upper right hand corner.
    2. Click on Settings.
    3. Click on Chat Settings.
    4. Click Media auto-download.
    5. Click When using mobile data and/or When connected on Wi-Fi.
    6. The When connected on Wi-Fi settings are automatically set to download videos, so it is important to uncheck the checkmark.
    7. The When connected on mobile data settings are NOT automatically set to download videos, but in case you did enable it, you should disable it.
    8. Your WhatsApp Media auto-download should now look like this:

Comments

Post a Comment

Popular posts from this blog

Image
Featured on Google Play Home Page, Android Police, Yahoo News, CNET, Android Central, Droid-Life and more. AZ Screen Recorder  is the best app to record the screen of your Lollipop. It does NOT require root access,  no time limit , no watermark, ad free and very easy to use with one action to start and stop recording. This screen recording app will let you make beautiful screencast videos by providing every feature that you need in a simple and elegant user experience design. AZ screen recorder lets you record your screen to HD and FullHD videos and it is the only screencast app in the Android market that can be paused and resumed while recording. You can also record audio from the mic and it is automatically muxed into the screencast videos. That makes it very convenient to create tutorial, promotional video, comment about your game and gameplay or record video chat.
Read more

Truecaller – Caller ID & Block (Premium) 11.46.7 Apk + Mod Android

Image
250 million people trust   Truecaller   for their communication needs, whether it’s for caller ID or for blocking spam calls and SMS. It filters out the unwanted, and lets you connect with people who matter. With a community-based spam list updated by millions of users worldwide, Truecaller is the only app you need to make your communication safe and efficient. Smart Messaging: Free Chat with your friends and family on Truecaller Automatically identify every unknown SMS Automatically block spam and telemarketing SMS Block by name and number series Powerful Dialer: The world’s best Caller ID will identify anyone calling you Block spam and telemarketers See names of unknown numbers in the call history Call Recording – Record important phone calls and save them to your phone (not supported on Android Pie) Flash messaging – Share location, emoji & status in a flash to your friends Backup call history, contacts, messages and settings to Google Drive
Read more

VSCO Cam Pro Mod Apk 202 (VSCO X UNLOCKED) Android

Image
  VSCO   is a place where expression matters most. We offer creative photo and video editing tools, inspiration, and a place for you to be you. Share your photos and videos with #VSCO for a chance to be curated by VSCO. We can’t wait to see what you create. FREE PHOTO EDITOR Take your photography to the next level with 10 free VSCO presets. Easily import and edit your RAW photos. Use editing tools like Contrast and Saturation to make your photos pop or use Grain and Fade to add texture and mimic analog film effects. Adjust or play around with your photo perspectives with Crop and Skew. Save and recreate your favorite edits with Recipes.
Read more