Possible Malicious Linux.Xor.DDoS installed

I am not an expert in information security. I am running Lubuntu on a laptop. Today, I ran chkrootkit and it printed the following:

INFECTED: Possible Malicious Linux.Xor.DDoS installed /tmp/clamav-71d2ee99f7e011424ab238571d720a88.tmp 

I did run clamscan. This is the first time I have seen this notice. I could not find any other reporting on it. Is this a known false positive, or does it represent a genuine intrusion — and if it is the latter, is the proper response to just go in and delete that .tmp file?

Tracking domains in installed applications

Many websites have tracking domains in their webpages, which I block using "Privacy Badger" Extension by EFF.

These domains are easily visible by pressing Ctrl+U in Firefox to see the "Page Source".

Also, I have observed that many apps (which I download from the Google Play Store) show content which is exactly similar to the content accessed by any web browser on the related web pages. I guess that those apps are nothing more than a web browser in themselves, accessing the related web pages [I MIGHT BE WRONG].

In the above case (or even in the case where content accessed by apps is aesthetically and/or functionally different from that accessed by a browser), I guess that the tracking domains (which are on the related web pages) are also baked into the apps.

My questions:

  1. Are the tracking domains present in the apps also?
  2. Any way to verify their presence [as was the case with Firefox above]?
  3. How to block them from tracking the user [as Privacy Badger does]?

Note: I am just talking about "simple" tracking methods (domains), not "advanced" ones like fingerprinting, tracking pixels, etc.

pip not found on fresh Kali Linux install

My fresh Kali Linux install doesn’t find pip, so I can’t run my scripts. Here is what I tried:

    kali# pip -V
    Command not found
    kali# whereis pip
    pip:
    kali# locate pip | grep /usr/bin
    /usr/bin/lesspipe
    /usr/bin/pipal
    kali# apt-search python-pip
    python-pip-whl
    kali# apt install python-pip-whl
    python-pip-whl is already installed

I also tried adding Ubuntu repos with the package python-pip, but it didn’t work. So… yeah, nothing really helps. Can somebody please help me? I have used Kali for about a year and this is the first time this has happened to me 😀 What am I missing? Can somebody explain it to me? Thanks in advance.

Security implication if Android app can be installed on emulator

I am working on ensuring the security of my company’s product. We have a mobile version of the product. This question is about the Android version.

Background – Our product is a SaaS-based product and the app is meant to be used by different salespeople of the tenant organisation. We have implemented different layers of control to ensure a secure (or more like safe) environment for our app –

  • We check for root detection – (OS level check)
  • Implemented SSL pinning – (Transport layer level check)
  • Storing secrets in Android key chain
  • Minimal local data storage. Encrypt local data (that needs to be stored)

and the list goes on. In short, right from the device to the communication layer to the server layer, we are in the process of covering every corner.

Question –

Problem –

The problem is that we got one issue reported by a security researcher, which says that, as your app can be downloaded from the Android Play Store, it can run on an emulator, and on an emulator it is possible to bypass root detection. So it adds a huge threat and should be fixed immediately.

I searched a lot but I cannot find the security implications of the app being installable on an emulator. I also checked, in case I have to fix it, what the possible solutions could be. There are checks like looking at whether the running environment is the SDK, or checking whether features like the camera or sensors are working, but all those checks can be bypassed in an emulator as well.

It is kind of critical for me because if I accept this issue, our client will see it in the report and insist on getting it fixed. I am drawing a blank on the implication that I would have to explain to management and developers (if I accept) and the fix (that might be required later).

Please provide your inputs.