Hello, welcome to the Tuesday, November 20th, 2018 edition of the Sansonet Storm Center's Stormcast.

My name is Johannes Ulrich, and I am recording from Jacksonville, Florida.

Android users, be aware Lucas Stefanko with ESET, found 13 fraudulent applications in Google's Play Store.

These 13 applications do not really do anything.

They claim to be games, but if you install one of them,

it will actually not even install an icon.

Instead, it will immediately download AdWware and essentially delete itself. So the only

thing these applications do is install adware on your system. Now yes you have to give the

application permission to do that. During the initial install it will essentially tell you

that it's now installing another application. It will

also request access to all network connections and it will request permission to start

whenever your phone is rebooted. So no real exploit involved here. The user is doing all the

work for these malicious applications.

Google has been notified of course and the URL from which that second part that adware

was downloaded is no longer accessible.

And the tags against ATMs, the automatic teller machines have been highly publicized over the last few months.

So positive technologies came out with a nice document summarizing the different weaknesses

and attacks against these machines.

Now, the attacks for the most part do require some level of physical access, but even as

little as having access to the network connection from the ATM to the bank does allow

for some attacks that are successful with the majority of devices that positive technologies tested. Other attacks typically

require, for example, an exposed USB port or other forms of physical access that usually

...