Apple letter urges lawmakers to reject sideloading bill

Apple has written a letter urging lawmakers to reject a bill that would force the company to allow any apps to be installed on its mobile operating systems.

The letter, addressed to Senate Judiciary Chair Dick Durbin and Republican Chuck Grassley, claims the proposed bill will hurt user privacy and security if passed.

In question is the S. 2710 bill that would allow software downloaded from the web or other sources to be “sideloaded” on iOS.

“Sideloading...

Play Store’s AI security blocks almost one million policy-violating apps

Google’s AI-powered Play Store security has blocked almost one million policy-violating apps from reaching users.

In a blog post, Google detailed what it’s been doing to protect the billions of Android users and millions of developers creating apps for the world’s largest mobile platform.

2020 was a year when many of us made sacrifices to our freedoms to protect not just ourselves, but those around us. Unfortunately, criminals sought to take advantage of more...

Report: Developing markets are suffering a mobile malware pandemic

Anti-fraud platform Secure-D has released a report highlighting the mobile malware pandemic that developing markets are suffering.

The report is based on Secure-D’s processing of one billion mobile transactions and service sign-ups for 35 mobile operators in 23 emerging markets, helping to protect a total of almost 840 million users.  

Secure-D detected 46,000 malicious apps; with around one in six (16%) mobile devices in emerging markets carrying at least...

Hackers are using shared Xcode projects to infect Apple developers

Developers for Apple’s platforms are being hacked through importing shared Xcode projects infected with malware.

Researchers from SentinelOne detailed the growing trend after discovering a macOS malware dubbed XcodeSpy.

“Threat actors are abusing the Run Script feature in Apple’s Xcode IDE to infect unsuspecting Apple Developers via shared Xcode Projects,” the researchers explained.

“XcodeSpy is a malicious Xcode project that installs a custom variant...

Microsoft: Over 1,000 developers contributed to SolarWinds hack

According to Microsoft’s analysis of the devastating SolarWinds hack, over 1,000 developers were involved.

The attack was described as “the largest and most sophisticated attack the world has ever seen,” by Microsoft president Brad Smith on US show 60 Minutes.

SolarWinds develops software to help businesses manage their networks, systems, and IT infrastructure. The company’s Orion solution is used by ~33,000 public and private sector customers.

In...

GitHub warns Java developers about malware infecting NetBeans projects

GitHub has issued a warning to Java developers about malware which is specifically infecting NetBeans projects.

The security team for the world’s largest repository host has dubbed the malware Octopus Scanner and found “26 open source projects that were backdoored by this malware and that were actively serving backdoored code.”

GitHub notes the malware is designed to backdoor projects created using the Apache NetBeans IDE – a phenomenon they had not seen before...