Google Play apps with 300,000 downloads stole user credentials
Researchers say they've found a batch of apps on the Google Play Store downloaded more than 300,000 times before they were shown to have trojans that siphoned passwords, 2FA (two-factor authentication) codes, took screenshots, and logged keystrokes.
The apps pose as PDF scanners, cryptocurrency ...
Sophisticated malware from PyPI was downloaded more than 41,000 times
PyPI, the open-source repository used by both large and small organizations to download code libraries, was hosting 11 malicious packages that were downloaded more than 41k times in one of the latest reports of an incident of this nature.
JFrog found the software supply chain risk. This security...
‘Trojan Source’ can inject malware into source code undetected
A new research paper has been published with details about a new technique that can be exploited to inject malware into source code without being detected. Named ‘Trojan Source' by Cambridge University researchers, the method involves the manipulation of source file encoding so that human viewers...
Forget Ransomware, the next big threat is “killware”
The U.S. Homeland Security Secretary says cyber attacks are increasingly posing risks to "public health and safety".
Alejandro Mayorkas, the current Secretary of the U.S. Department of Homeland Security, sat down for an interview with USA TODAY's Editorial Board last week. What he had to say ab...
Android malware tricks users into subscribing to costly SMS services
"Grifthorse" has already victimized 10 million people worldwide.
Security researchers have found a massive malware operation that has infected more than 10 million Android smartphones across more than 70 countries since at least November 2020 and is making millions of dollars for its operators o...
Akamai spends $600 million to acquire Tel Aviv-based Guardicores
Akamai Technologies’ acquisition of Guardicore is a move in the right direction and a great way to enhance its cybersecurity portfolio. The deal was announced on Wednesday, with terms saying that Akamai will pay about $600 million to acquire all outstanding equity.
Guardicore is a Tel Aviv-bas...
Two out of three malware attacks are ransomware
According to a report by Positive Technologies, ransomware accounts for 69% of all malware-based cyberattacks. The report says that ransomware has reached stratospheric levels in Q2 of the year. At the same time, the overall number of cyberattacks has not changed much, rising by about 0.3%, compare...
Systems with Apache OpenOffice are vulnerable by malicious documents
Apache OpenOffice is currently vulnerable to a remote code execution flaw. The app’s source code has been patched but the fix is only available as beta software, awaiting the official release.
That means that people running the open-source office suite, which has been downloaded hundreds of mi...
Palo Alto’s Okyo Garde WiFi router protects remote workers at home
The latest product out of Palo Alto is Okyo Garde, a wireless mesh router built with cybersecurity capabilities that enterprises can use to protect remote workers’ home networks from cyber attacks.
Since the pandemic began, many workers who do their jobs from home have had to do most of their ...
Microsoft introduces Microsoft Defender for Endpoint Plan 1
The move is in response to a massive surge in ransomware attacks.
This week Microsoft announced the preview of a core set of prevention and protection capabilities for client endpoints running Windows, macOS, Android, and iOS. This new solution will make it easier for more security teams to buy...
Splunk spots Monero crypto-mining malware on Windows Servers on AWS
Splunk, the data analysis firm, reported a resurgence of the Crypto botnet, a type of malware that attacks virtual servers running Windows Server inside Amazon Web Services. Splunk’s Threat Research Team (STRT) posted an analysis of the attack on Monday
In the report, it is thought that the at...
Malware developers rewrite malware in exotic languages
BlackBerry’s Research and Intelligence team just published a new report on Monday, showing that Go (Golang), D (DLang), Nim and Rust, are rising in popularity. The languages are enjoying an uptick for their characteristics which makes them better suited to evade security and addressing specific p...