STRANDHOGG BUG

-
■ StrandHogg(Cyber security ):
Recently, the Ministry of Home Affairs has sent an alert to all States warning them about the vulnerability in the Android operating system that allows malware
applications to pose as legitimate apps and access user data of all kinds. Promon, a Norwegian firm specialising in In-App protection, found proof of this dangerous Android vulnerability, which they call 'StrandHogg’.
■ BUG:----A bug is a general term used to describe any unexpected problem with hardware or software.
● A "bug" is an error or defect in software or hardware that causes a program to malfunction.
● The vulnerability allows sophisticated malware attacks without the need for a device to be rooted to the Android operating system.
● Attackers exploit Android's control setting called 'taskAffinity', which enables any app to freely assume any identity in Android's multi tasking system
.
■ HOW STRANDHOGG WORKS :- A malicious app installed on an Android smartphone can
exploit the StrandHogg bug to trigger malicious code when the user starts another app -- via a feature called "task reparenting."
● Basically, a user taps on a legitimate app, but executes code from a malicious one. As can be seen from the example images below, tapping a legitimate app's icon triggers code executed by the malicious app -- code which can ask for intrusive permission or show phishing pages.

■ DROPPER APPS:---Dropper apps are those that either have or pretend to have the functionality of popular apps,
but they also install
additional apps to a device that can be malicious or steal data.
■ WHAT ARE THE SAFE STEPS
Currently, there is no effective block or even detection method against
StrandHogg on the device itself. However, as a user, you should be alert to the following discrepancies in your device:
An app or service that you’re already logged into is asking for a login.
• Permission popups that do not contain an app name.
• Permissions asked from an app that shouldn’t require or need the permissions it asks for. For e.g., a calculator app asking for GPS permission.
• Typos and mistakes in the user interface.
• Buttons and links in the user interface that does nothing when clicked on.
• Back button does not work as expected.

Comments

Post a Comment

Popular posts from this blog

INDIAN MUSIC

-
Image
Indian music:-- Music notes - Raga  ,  also spelled rag or ragam , in the classical music of India, Bangladesh, and Pakistan. It is a melodic framework for improvisation and composition. A raga is based on a scale with a given set of notes, a typical order in which they appear in melodies, and characteristic musical motifs. The basic components of a raga can be written down in the form of a scale. By using only these notes, by emphasizing certain degrees of the scale, and by going from note to note in ways characteristic to the raga, the performer sets out to create a mood or atmosphere. There are several hundred ragas in present use, and thousands are possible in theory. • Characteristics of Ragas The Raga is the most important concept that any student of Indian music should understand.   A rag may be thought of as an acoustic method of colouring the mind of the listener with an emotion.  It is not a tune, melody, scale, mode, or any concept for which an English word
Read more

ODISSI OF ODISHA

-
Image
ODISSI: ORISSA,one of the earliest dance form . It is referred as "mobile-Sculpture" as it is a graceful sensuous and lyrical , Odissi is a dance of love and passion touching on the divine and the human, the sublime and the mundane. The Natya Shastra mentions many regional varieties, such as the south-eastern style known as the Odhra Magadha which can be identified as the earliest precursor of present day Odissi..  ODISSI Archaeological evidence of this dance form dating back to the 2nd century B.C. is found in the caves of Udayagiri and Khandagiri near Bhubaneshwar. Later, innumerable examples of the Buddhist sculptures, the tantric images of dancing Yoginis, the Nataraja, and other celestial musicians and dancers of early Shaivite temples bear testimony to a continuing tradition of dance from the 2nd century B.C.E to the 10th century C.E. These influences found synthesis in an unique philosophy - the dharma or faith of Jagannath. With Hinduism taking roots in O
Read more

THE CLASSICAL DANCE KUCHIPUDI

-
Image
KUCHIPUDI:--Kuchipudi is one of the classical styles of Indian dance. Around the third and fourth decade of this century it emerged out of a long rich tradition of dance-drama of the same name. Yamini Steps in Kuchipudi In fact, Kuchipudi is derived from the name of a village " kuseelavapuri "/ kuchelapuram Krishna district of Andhra Pradesh. Kuseelavas were groups of dancers who used to perform by going village to village. Andhra has a very long tradition of dance-drama which was known under the generic name of Yakshagaana. In 17th century Kuchipudi style of Yakshagaana was conceived by Siddhendra Yogi a talented Vaishnava poet and visionary who had the capacity to give concrete shape to some of his visions. He was steeped in the literary Yakshagaana tradition being guided by his guru Teerthanaaraayana Yogi who composed the Krishna-Leelatarangini. a kaavya in Sanskrit.. A step in Kuchipudi Kuchipudi step   In compliance with this command Siddhendra Yogi c
Read more