A Developer’s Use of Parallels Access

Like many other developers, I am pretty excited about all the announcements that Apple made at the recent World Wide Developer’s Conference (WWDC). The one announcement that interested me the most was the new programming language, Swift.  Personally, I have a lot of experience in Objective-C, the current programming language used to create Mac and iOS apps, and from the WWDC presentations, Swift seemed to be an excellent update to Objective-C. I was anxious to learn more about Swift, and even more to begin using it. So, I downloaded all the necessary beta releases and installed them.

For me, learning a new programming language takes a good-sized block of uninterrupted time, and since I had a couple of five-hour flights coming up, that seemed like a perfect use of that time.

Unfortunately, to use Swift you need to run it on a Mac, and for those of you who have taken any plane flights recently, you know that all the seats are full and the seats in coach seemed to get smaller and smaller with each passing day. No way I would be able to use my 15” MacBook Pro in a coach seat for this task.

However, even in coach, there is plenty of space for an iPad.

So, I used Parallels Access on my iPad on the plane, and got to play with the Swift language for several hours. And Parallels was happy to pay for my in-flight WiFi! I was one happy developer when the plane landed.

 

New iOS, Android Mobile Malware Discovered by Kaspersky Lab

CE874E4C-A8B1-4476-B183-EB790C1C0E90.png

As more and more people leverage their mobile devices for work, it is essential for them to be able to work safely and securely while protecting sensitive company data. But survey after survey shows that most workers think of security in terms of protecting their physical device. Meanwhile, increasingly sophisticated mobile malware tools are creating dangerous new security pitfalls.

A fresh report from Kaspersky Lab this week revealed the discovery of a massive international infrastructure used to control “Remote Control System” (RCS) malware implants, and highlighted several previously undiscovered mobile Trojans that work across Android and iOS.

The newly discovered Trojans are basically a range of customized spying tools, and run as part of an existing spyware tool called RCS, aka Galileo. Largely leveraged by government organizations looking to gain complete dominion over targeted phones, they have already infected a who’s who list of victims including activists and human rights advocates, as well as journalists and politicians.

Kaspersky has been studying RCS malware carefully for the past few years and collaborated closely with Citizen Lab to extensively dissect the spyware tool, which was created by an Italian company called HackingTeam. 

Here’s what you need to know to keep yourself protected: 

How It Infects:

Victims are targeted through a range of methods, including spearphishing via social engineering – often coupled with exploits, including zero-days – and local infections via USB cables while synching mobile devices.

What It Does:

A customized and very discreet spying tool, the RCS mobile Trojans are capable of performing various surveillance functions, including reporting on a user’s location, taking photos, copying events from the calendar, registering new SIM cards inserted into the infected device, and intercepting phone calls and messages.

The Android module uses obfuscation to make it harder to detect, reverse-engineer and examine the module. Before installing itself on machines, the main tool has scouting agents that conduct reconnaissance to identify anything on a system that might detect it. Attempting to uninstall it can bring up a prompt asking the user for permission to uninstall an application called “DeviceInfo” (what the spy tool calls itself).

The iOS module also takes great pains to avoid detection. It uses advanced techniques to avoid draining the phone’s battery, for example, it will only turn on a phone’s microphone under certain conditions.

How To Protect Yourself:

Armed with anti-forensic features, the modules primarily target jailbroken phones. If you want to avoid the risk, don’t jailbreak and make sure to update your operating system to the latest version. Kaspersky Lab also has products that help you detect HackingTeam’s spyware tools. For more details, check out their blog at SecureList.

Stay safe, mobile device users, it’s a jungle out there.