Connect with us

Biz & IT

Fleksy’s AI keyboard is getting a store to put mini apps at chatters’ fingertips

Published

on

Remember Fleksy? The customizable Android keyboard app has a new trick up its sleeve: It’s adding a store where users can find and add lightweight third party apps to enhance their typing experience.

Right now it’s launched a taster, preloading a selection of ‘mini apps’ into the keyboard — some from very familiar brand names, some a little less so — so users can start to see how it works.

The first in-keyboard apps are Yelp (local services search); Skyscanner (flight search); Giphy (animated Gif search); GifNote (music Gifs; launching for U.S. users only for rights reasons); Vlipsy (reaction video clips); and Emogi (stickers) — with “many more” branded apps slated as coming in the next few months.

They’re not saying exactly what other brands are coming but there are plenty of familiar logos to be spotted in their press materials — from Spotify to Uber to JustEat to Tripadvisor to PayPal and more…

The full keyboard store itself — which will let users find and add and/or delete apps — will be launching at the end of this month.

The latest version of the Fleksy app can be downloaded for free via the Play Store.

Mini apps made for messaging

The core idea for these mini apps (aka Fleksyapps) is to offer lightweight additions designed to serve the messaging use case.

Say, for example, you’re chatting about where to eat and a friend suggests sushi. The Yelp Fleksyapp might pop up a contextual suggestion for a nearby Japanese restaurant that can be shared directly into the conversation — thereby saving time by doing away with the need for someone to cut out of the chat, switch apps, find some relevant info and cut and paste it back into the chat.

Fleksyapps are intended to be helpful shortcuts that keep the conversation flowing. They also of course put brands back into the conversation.

“We couldn’t be more excited to bring the power of the world’s popular songs with GIFs, videos and photos to the new Fleksyapps platform,” says Gifnote co-founder, John vanSuchtelen, in a supporting statement.

Fleksy’s mini apps appear above the Qwerty keyboard — in much the same space as a next-word prediction. The user can scroll through the app stack (each a tiny branded circle until tapped on to expand) and choose one to interact with. It’s similar to the micro apps lodged in Apple’s iMessage but on Android where iMessage isn’t… The team also plans for Fleksy to support a much wider range of branded apps — hence the Fleksyapps store.

In-keyboard apps is not a new concept for the dev team behind Fleksy; an earlier keyboard app of theirs (called ThingThing) offered micro apps they built themselves as a tool to extend its utility.

But now they’re hoping to garner backing and buy in from third party brands excited about the exposure and reach they could gain by being where users spend the most device time: The keyboard.

“Think of it a bit like the iMessage equivalent but on Android across any app. Or the WeChat mini program but inside the keyboard, available everywhere — not only in one app,” CEO Olivier Plante tells TechCrunch. “That’s a problem of messaging apps these days. All of them are verticals but the keyboard is horizontal. So that’s the benefit for those brands. And the user will have the ability to move them around, add some, to remove some, to explore, to discover.”

“The brands that want to join our platform they have the option of being preloaded by default. The analogy is that by default on the home screen of a phone you are by default in our keyboard. And moving forward you’ll be able to have a membership — you’re becoming a ‘brand member’ of the Fleksyapps platform, and you can have your brand inside the keyboard,” he adds.

The first clutch of Fleksyapps were developed jointly, with the team working with the brands in question. But Plante says they’re planning to launch a tool in future so brands will be able to put together their own apps — in as little as just a few hours.

“We’re opening this array of functionalities and there’s a lot of verticals possible,” he continues. “In the future months we will embed new capabilities for the platform — new type of apps. You can think about professional apps, or cloud apps. Accessing your files from different types of clouds. You have the weather vertical. You have ecommerce vertical. You have so many verticals.

“What you have on the app store today will be reflected into the Fleksyappstore. But really with the focus of messaging and being useful in messaging. So it’s not the full app that we want to bring in — it’s really the core functionality of this app.”

The Yelp Fleksyapp, for example, only includes the ability to see nearby places and search for and share places. So it’s intentionally stripped down. “The core benefit for the brand is it gives them the ability to extend their reach,” says Plante. “We don’t want to compete with the app, per se, we just want to bring these types of app providers inside the messenger on Android across any app.”

On the user side, the main advantage he touts is “it’s really, really fast — fleshing that out to: “It’s very lightweight, it’s very, very fast and we want to become the fastest access to content across any app.”

Users of Fleksyapps don’t need to have the full app installed because the keyboard plugs directly into the API of each branded service. So they get core functionality in bite-sized form without a requirement to download the full app. (Of course they can if they wish.)

So Plante also notes the approach has benefits vis-a-vis data consumption — which could be an advantage in emerging markets where smartphone users’ choices may be hard-ruled by the costs of data and/or connectivity limits.

“For those types of users it gives them an ability to access content but in a very light way — where the app itself, loading the app, loading all the content inside the app can be megabits. In Fleksy you’re talking about kilobits,” he says.

Privacy-sensitive next app suggestions

While baking a bunch of third party apps into a keyboard might sound like a privacy nightmare, the dev team behind Fleksy have been careful to make sure users remain in control.

To wit: Also on board is an AI keyboard assistant (called Fleksynext) — aka “a neural deep learning engine” — which Plante says can detect the context, intention and sentiment of conversations in order to offer “very useful” app suggestions as the chat flows.

The idea is the AI supports the substance of the chat by offering useful functionality from whatever pick and mix of apps are available. Plante refers to these AI-powered ‘next app’ suggestions as “pops”.

And — crucially, from a privacy point of view — the Fleksynext suggestion engine operates locally, on device.

That means no conversation data is sent out of the keyboard. Indeed, Plante says nothing the user types in the keyboard itself is shared with brands (including suggestions that pop up but get ignored). So there’s no risk — as with some other keyboard apps — of users being continually strip-mined for personal data to profile them as they type.

That said, if the user chooses to interact with a Fleksyapp (or its suggestive pop) they are then interacting with a third party’s API. So the usual tracking caveats apply.

“We interact with the web so there’s tracking everywhere,” admits Plante. “But, per se, there’s not specific sensitive data that is shared suddenly with someone. It is not related with the service itself — with the Fleksy app.”

The key point is that the keyboard user gets to choose which apps they want to use and which they don’t. So they can choose which third parties they want to share their plans and intentions with and which they don’t.

“We’re not interesting in making this an advertising platform where the advertiser decides everything,” emphasizes Plante. “We want this to be really close to the user. So the user decides. My intentions. My sentiment. What I type decides. And that is really our goal. The user is able to power it. He can tap on the suggestion or ignore it. And then if he taps on it it’s a very good quality conversion because the user really wants to access restaurants nearby or explore flights for escaping his daily routine… or transfer money. That could be another use-case for instance.”

They won’t be selling brands a guaranteed number of conversions, either.

That’s clearly very important because — to win over users — Fleksynext suggestions will need to feel telepathically useful, rather than irritating, misfired nag. Though the risk of that seems low given how Fleksy users can customize the keyboard apps to only see stuff that’s useful to them.

“In a sense we’re starting reshape a bit how advertising is seen by putting the user in the center,” suggests Plante. “And giving them a useful means of accessing content. This is the original vision and we’ve been very loyal to that — and we think it can reshape the landscape.”

“When you look into five years from now, the smartphone we have will be really, really powerful — so why process things in the cloud? When you can process things on the phone. That’s what we are betting on: Processing everything on the phone,” he adds.

When the full store launches users will be able to add and delete (any) apps — included preloads. So they will be in the driving seat. (We asked Plante to a confirm the user will be able to delete all apps, including any pre-loadeds and he said yes. So if you take him at his word Fleksy will not be cutting any deals with OEMs or carriers to indelibly preload certain Fleksyapps. Or, to put it another way, crapware baked into the keyboard is most definitely not plan.)

Depending on what other Fleksyapps launch in future a Fleksy keyboard user could choose to add, for example, a search service like DuckDuckGo or France’s Qwant to power a pro-privacy alternative to using Google search in the keyboard. Or they could choose Google.

Again the point is the choice is theirs.

Scaling a keyboard into a platform

The idea of keyboard-as-platform offers at least the possibility of reintroducing the choice and variety of smartphone app stores back before the cynical tricks of attention-harvesting tech giants used their network effects and platform power to throttle the app economy.

The Android keyboard space was also a fertile experiment ground in years past. But it’s now dominated by Google’s Gboard and Microsoft-acquired Swiftkey. Which makes Fleksy the plucky upstart gunning to scale an independent alternative that’s not owned by big tech and is open to any third party that wants to join its mini apps party.

“It will be Bing search for Swiftkey, it will be Google search for Gboard, it will be Google Music, it will be YouTube. But on our side we can have YouTube, we can also have… other services that exist for video. The same way with pictures and the same way for file-sharing and drive. So you have Google Drive but you have Dropbox, you have OneDrive, there’s a lot of services in the cloud. And we want to be the platform that has them all, basically,” says Plante.

The original founding team of the Fleksy keyboard was acqui-hired by Pinterest back in 2016, leaving the keyboard app itself to languish with minimal updates. Then two years ago Barcelona-based keyboard app maker, ThingThing, stepped in to take over development.

Plante confirms it’s since fully acquired the Fleksy keyboard technology itself — providing a solid foundation for the keyboard-as-platform business it’s now hoping to scale with the launch of Fleksyapps.

Talking of scale, he tells us the startup is in the process of raising a multi-million Series A — aiming to close this summer. (ThingThing last took in $800,000 via equity crowdfunding last fall.)

The team’s investor pitch is the keyboard offers perhaps the only viable conduit left on mobile to reset the playing field for brands by offering a route to cut through tech giant walled gardens and get where users are spending most of their time and attention: i.e. typing and sharing stuff with their friends in private one-to-one and group chats.

That means the keyboard-as-platform has the potential to get brands of all stripes back in front of users — by embedding innovative, entertaining and helpful bite-sized utility where it can prove its worth and amass social currency on the dominant messaging platforms people use.

The next step for the rebooted Fleksy team is of course building scale by acquiring users for a keyboard which, as of half a year ago, only had around 1M active users from pure downloads.

Its strategy on this front is to target Android device makers to preload Fleksy as the default keyboard.

ThingThing’s business model is a revenue share on any suggestions the keyboard converts, which it argues represent valuable leads for brands — given the level of contextual intention. It is also intending to charge brands that want to be preloaded on the Fleksy keyboard by default.

Again, though, a revenue share model requires substantial scale to work. Not least because brands will need to see evidence of scale to buy into the Fleksyapps’ vision.

Plante isn’t disclosing active users of the Fleksy keyboard right now. But says he’s confident they’re on track to hit 30M-35M active users this year — on account of around ten deals he says are in the pipeline with device makers to preload Fleksy’s keyboard. (Palm was an early example, as we reported last year.)

The carrot for OEMs to join the Fleksyapps party is they’re cutting them in on the revenue share from user interactions with branded keyboard apps — playing to device makers’ needs to find ways to boost famously tight hardware margins.

“The fact that the keyboard can monetize and provide value to the phone brands — this is really massive for them,” argues Plante. “The phone brands can expect revenue flowing in their bank account because we give the brands distribution and the handset manufacturer will make money and we will make money.”

It’s a smart approach, and one that’s essentially only possible because Google’s own Gboard keyboard doesn’t come preloaded on the majority of Android devices. (Exceptions include its own Pixel brand devices.) So — unusually for a core phone app on Android — there’s a bit of an open door where the keyboard sits, instead of the usual preloaded Google wares. And that’s an opportunity.

Markets wise, ThingThing is targeting OEMs in all global regions with its Fleksy pitch — barring China (which Plante readily admits it too complex for a small startup to sensibly try jumping at).

Apps vs tech giants

In its stamping ground of Europe there are warm regulatory winds blowing too: An European Commission antitrust intervention last year saw Google hit with a $5BN fine over anti-competitive practices attached to its Android platform — forcing the company to change local licensing terms.

That antirust decision means mobile makers finally have the chance to unbundle Google apps from devices they sell in the region.

Which translates into growing opportunities for OEMs to rethink their Android strategies. Even as Google remains under pressure not to get in the way by force feeding any more of its wares.

Really, a key component of this shift is that device makers are being told to think, to look around and see what else is out there. For the first time there looks to be a viable chance to profit off of Android without having to preload everything Google wants.

“For us it’s a super good sign,” says Plante of the Commission decision. “Every monopolistic situation is a problem. And the market needs to be fragmented. Because if not we’re just going to lose innovation. And right now Europe — and I see good progress for the US as well — are trying to dismantle the imposed power of those big guys. For the simple evolution of human being and technology and the future of us.”

“I think good things can happen,” he adds. “We’re in talks with handset manufacturers who are coming into Europe and they want to be the most respectful of the market. And with us they have this reassurance that you have a good partner that ensures there’s a revenue stream, there’s a business model behind it, there’s really a strong use-case for users.

“We can finally be where we always wanted to be: A choice, an alternative. But having Google imposing its way since start — and making sure that all the direct competition of Google is just a side, I think governments have now seen the problem. And we’re a winner of course because we’re a keyboard.”

But what about iOS? Plante says the team has plans to bring what they’re building with Fleksy to Apple’s mobile platform too, in time. But for now they’re fully focusing efforts on Android — to push for scale and execute on their vision of staking their claim to be the independent keyboard platform.

Apple has supported third party keyboards on iOS for years. Unfortunately, though, the experience isn’t great — with a flaky toggle to switch away from the default Apple keyboard, combined with heavy system warnings about the risks of using third party keyboards.

Meanwhile the default iOS keyboard ‘just works’ — and users have loads of extra features baked by default into Apple’s native messaging app, iMessage.

Clearly alternative keyboards have found it all but impossible to build any kind of scale in that iOS pincer.

“iOS is coming later because we need to focus on these distribution deals and we need to focus on the brands coming into the platform. And that’s why iOS right now we’re really focusing for later. What we can say is it will come later,” says Plante, adding: “Apple limits a lot keyboards. You can see it with other keyboard companies. It’s the same. The update cycle for iOS keyboard is really, really, really slow.”

Plus, of course, Fleksy being preloaded as a default keyboard on — the team hopes — millions of Android devices is a much more scalable proposition vs just being another downloadable app languishing invisibly on the side lines of another tech giant’s platform.

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Biz & IT

Google closes data loophole amid privacy fears over abortion ruling

Published

on

Google is closing a loophole that has allowed thousands of companies to monitor and sell sensitive personal data from Android smartphones, an effort welcomed by privacy campaigners in the wake of the US Supreme Court’s decision to end women’s constitutional right to abortion.

It also took a further step on Friday to limit the risk that smartphone data could be used to police new abortion restrictions, announcing it would automatically delete the location history on phones that have been close to a sensitive medical location such an abortion clinic.

The Silicon Valley company’s moves come amid growing fears that mobile apps will be weaponized by US states to police new abortion restrictions in the country.

Companies have previously harvested and sold information on the open market including lists of Android users using apps related to period tracking, pregnancy and family planning, such as Planned Parenthood Direct.

Over the past week, privacy researchers and advocates have called for women to delete period-tracking apps from their phones to avoid being tracked or penalised for considering abortions.

The US tech giant announced last March that it would restrict the feature, which allows developers to see which other apps are installed and deleted on individuals’ phones. That change was meant to be implemented last summer, but the company failed to meet that deadline citing the pandemic among other reasons.

The new deadline of July 12 will hit just weeks after the overturning of Roe vs Wade, a ruling that has thrown a spotlight on how smartphone apps could be used for surveillance by US states with new anti-abortion laws.

“It’s long overdue. Data brokers have been banned from using the data under Google’s terms for a long time, but Google didn’t build safeguards into the app approvals process to catch this behavior. They just ignored it,” said Zach Edwards, an independent cyber security researcher who has been investigating the loophole since 2020.

“So now anyone with a credit card can purchase this data online,” he added.

Google said: “In March 2021, we announced that we planned to restrict access to this permission, so that only utility apps, such as device search, antivirus, and file manager apps, can see what other apps are installed on a phone.”

It added: “Collecting app inventory data to sell it or share it for analytics or ads monetisation purposes has never been allowed on Google Play.”

Despite widespread usage by app developers, users remain unaware of this feature in Android software—a Google-designed programming interface, or API, known as the “Query All Packages.” It allows apps, or snippets of third-party code inside them, to query the inventory of all other apps on a person’s phone. Google itself has referred to this type of data as high-risk and “sensitive,” and it has been discovered being sold on to third parties.

Researchers have found that app inventories “can be used to precisely deduce end users interests and personal traits,” including gender, race and marital status, among other things.

Edwards has found that one data marketplace, Narrative.io, was openly selling data obtained by intermediaries in this way, including smartphones using Planned Parenthood, and various period tracking apps.

Narrative said it removed pregnancy tracking and menstruation app data from its platform in May, in response to the leaked draft outlining the Supreme Court’s forthcoming decision.

Another research company, Pixalate, discovered that consumer apps, like a simple weather app, were running bits of code that exploited the same Android feature and were harvesting data for a Panamanian company with ties to US defense contractors.

Google said it “never sells user data, and Google Play strictly prohibits the sale of user data by developers. When we discover violations we take action,” adding it had sanctioned multiple companies believed to be selling user data.

Google said it would restrict the Query All Packages feature to only those who require it from July 12. App developers will be required to fill out a declaration explaining why they need access, and notify Google of this before the deadline so it can be vetted.

“Deceptive and undeclared uses of these permissions may result in a suspension of your app and/or termination of your developer account,” the company warned.

Additional reporting by Richard Waters.

© 2022 The Financial Times Ltd. All rights reserved Not to be redistributed, copied, or modified in any way.

Continue Reading

Biz & IT

Billing fraud apps can disable Android Wi-Fi and intercept text messages

Published

on

Android malware developers are stepping up their billing fraud game with apps that disable Wi-Fi connections, surreptitiously subscribe users to pricey wireless services, and intercept text messages, all in a bid to collect hefty fees from unsuspecting users, Microsoft said on Friday.

This threat class has been a fact of life on the Android platform for years, as exemplified by a family of malware known as Joker, which has infected millions of phones since 2016. Despite awareness of the problem, little attention has been paid to the techniques that such “toll fraud” malware uses. Enter Microsoft, which has published a technical deep dive on the issue.

The billing mechanism abused in this type of fraud is WAP, short for wireless application protocol, which provides a means of accessing information over a mobile network. Mobile phone users can subscribe to such services by visiting a service provider’s web page while their devices are connected to cellular service, then clicking a button. In some cases, the carrier will respond by texting a one-time password (OTP) to the phone and requiring the user to send it back in order to verify the subscription request. The process looks like this:

Microsoft

The goal of the malicious apps is to subscribe infected phones to these WAP services automatically, without the notice or consent of the owner. Microsoft said that malicious Android apps its researchers have analyzed achieve this goal by following these steps:

  1. Disable the Wi-Fi connection or wait for the user to switch to a mobile network
  2. Silently navigate to the subscription page
  3. Auto-click the subscription button
  4. Intercept the OTP (if applicable)
  5. Send the OTP to the service provider (if applicable)
  6. Cancel the SMS notifications (if applicable)

Malware developers have various ways to force a phone to use a cellular connection even when it’s connected to Wi-Fi. On devices running Android 9 or earlier, the developers can invoke the setWifiEnabled method of the WifiManager class. For versions 10 and above, developers can use the requestNetwork function of the ConnectivityManager class. Eventually, phones will load data exclusively over the cellular network, as demonstrated in this image:

Microsoft

Once a phone uses the cellular network for data transmission, the malicious app surreptitiously opens a browser in the background, navigates to the WAP subscription page, and clicks a subscribe button. Confirming the subscription can be tricky because confirmation prompts can come by SMS, HTTP, or USSD protocols. Microsoft lays out specific methods that malware developers can use to bypass each type of confirmation. The Microsoft post then goes on to explain how the malware suppresses periodic messages that the subscription service may send the user to remind them of their subscription.

“By subscribing users to premium services, this malware can lead to victims receiving significant mobile bill charges,” Microsoft researchers wrote. “Affected devices also have increased risk because this threat manages to evade detection and can achieve a high number of installations before a single variant gets removed.”

Google actively bars apps from its Play market when it detects signs of fraud or malice, or when it receives reports of malicious apps from third parties. While Google often doesn’t remove malicious apps until after they have infected millions of users, apps downloaded from Play are generally regarded as more trustworthy than apps from third-party markets.

Continue Reading

Biz & IT

Microsoft Exchange servers worldwide hit by stealthy new backdoor

Published

on

Getty Images

Researchers have identified stealthy new malware that threat actors have been using for the past 15 months to backdoor Microsoft Exchange servers after they have been hacked.

Dubbed SessionManager, the malicious software poses as a legitimate module for Internet Information Services (IIS), the web server installed by default on Exchange servers. Organizations often deploy IIS modules to streamline specific processes on their web infrastructure. Researchers from security firm Kaspersky have identified 34 servers belonging to 24 organizations that have been infected with SessionManager since March 2021. As of earlier this month, Kaspersky said, 20 organizations remained infected.

Stealth, persistence, power

Malicious IIS modules offer an ideal means to deploy powerful, persistent, and stealthy backdoors. Once installed, they will respond to specifically crafted HTTP requests sent by the operator instructing the server to collect emails, add further malicious access, or use the compromised servers for clandestine purposes. To the untrained eye, the HTTP requests look unremarkable, even though they give the operator complete control over the machine.

“Such malicious modules usually expect seemingly legitimate but specifically crafted HTTP requests from their operators, trigger actions based on the operators’ hidden instructions if any, then transparently pass the request to the server for it to be processed just like any other request,” Kaspersky researcher Pierre Delcher wrote. “As a result, such modules are not easily spotted by usual monitoring practices: they do not necessarily initiate suspicious communications to external servers, receive commands through HTTP requests to a server that is specifically exposed to such processes, and their files are often placed in overlooked locations that contain a lot of other legitimate files.”

Kaspersky

Once SessionManager is deployed, operators use it to profile the infected environment further, gather passwords stored in memory, and install additional tools, including a PowerSploit-based reflective loader, Mimikat SSP, ProcDump, and a legitimate Avast memory dump tool. Kaspersky obtained multiple SessionManager variants that date back to at least March 2021. The samples show a steady evolution that has added more features with each new version. The most recent version of the malicious module includes the following:

Command name
(SM_SESSION cookie value)
Command parameters
(additional cookies)
Associated capability
GETFILE FILEPATH: path of file to be read. FILEPOS1: offset at which to start reading, from file start.

FILEPOS2: maximum number of bytes to read.

Read the content of a file on the compromised server and send it to the operator as an HTTP binary file named cool.rar.
PUTFILE FILEPATH: path of file to be written.

FILEPOS1: offset at which to start writing.

FILEPOS2: offset reference.

FILEMODE: requested file access type.

Write arbitrary content to a file on the compromised server. The data to be written in the specified file is passed within the HTTP request body.
DELETEFILE FILEPATH: path of file to be deleted. Delete a file on the compromised server.
FILESIZE FILEPATH: path of file to be measured. Get the size (in bytes) of the specified file.
CMD None. Run an arbitrary process on the compromised server. The process to run and its arguments are specified in the HTTP request body using the format: <executable path>t<arguments>. The standard output and error data from process execution are sent back as plain text to the operator in the HTTP response body.
PING None. Check for SessionManager deployment. The “Wokring OK” (sic.) message will be sent to the operator in the HTTP response body.
S5CONNECT S5HOST: hostname to connect to (exclusive with S5IP).

S5PORT: offset at which to start writing.

S5IP: IP address to connect to if no hostname is given (exclusive with S5HOST).

S5TIMEOUT: maximum delay in seconds to allow for connection.

Connect from compromised host to a specified network endpoint, using a created TCP socket. The integer identifier of the created and connected socket will be returned as the value of the S5ID cookie variable in the HTTP response, and the status of the connection will be reported in the HTTP response body.
S5WRITE S5ID: identifier of the socket to write to, as returned by S5CONNECT. Write data to the specified connected socket. The data to be written in the specified socket is passed within the HTTP request body.
S5READ S5ID: identifier of the socket to read from, as returned by S5CONNECT. Read data from the specified connected socket. The read data is sent back within the HTTP response body.
S5CLOSE S5ID: identifier of the socket to close, as returned by S5CONNECT. Terminate an existing socket connection. The status of the operation is returned as a message within the HTTP response body.

Remember ProxyLogon?

SessionManager gets installed after threat actors have exploited vulnerabilities known as ProxyLogon within Microsoft Exchange servers. Kaspersky has found it infecting NGOs, governments, militaries, and industrial organizations in Africa, South America, Asia, and Europe.

Kaspersky

Kaspersky said it has medium-to-high confidence that a previously identified threat actor that researchers call Gelsemium has been deploying SessionManager. Security firm ESET published a deep dive on the group (PDF) last year. Kaspersky’s attribution is based on the overlap of code used by the two groups and victims targeted.

Disinfecting servers that have been hit by SessionManager or similar malicious IIS modules is a complicated process. Kaspersky’s post contains indicators that organizations can use to determine if they’ve been infected and steps they should take in the event they’ve been infected.

Continue Reading

Trending