Informations about SSL certificates and networks security
Auto Added by WPeMatico
Google has removed 25 Android apps from its store because they steal Facebook credentials: Before being taken down, the 25 apps were collectively downloaded more than 2.34 million times. The malicious apps were developed by the same threat group and despite offering different features, under the hood, all the apps worked the same. According to … Read More “Android Apps Stealing Facebook Credentials” »
Report on espionage attacks using LinkedIn as a vector for malware, with details and screenshots. They talk about “several hints suggesting a possible link” to the Lazarus group (aka North Korea), but that’s by no means definite. As part of the initial compromise phase, the Operation In(ter)ception attackers had created fake LinkedIn accounts posing as … Read More “Nation-State Espionage Campaigns against Middle East Defense Contractors” »
A new malware, called Ramsey, can jump air gaps: ESET said they’ve been able to track down three different versions of the Ramsay malware, one compiled in September 2019 (Ramsay v1), and two others in early and late March 2020 (Ramsay v2.a and v2.b). Each version was different and infected victims through different methods, but … Read More “Ramsey Malware” »
US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool (RAT) “used by advanced persistent threat (APT) cyber actors in the targeting of cryptocurrency exchanges and related … Read More “US Government Exposes North Korean Malware” »
This is a good explanation of an iOS bug that allowed someone to break out of the application sandbox. A summary: What a crazy bug, and Siguza’s explanation is very cogent. Basically, it comes down to this: XML is terrible. iOS uses XML for Plists, and Plists are used everywhere in iOS (and MacOS). iOS’s … Read More “iOS XML Bug” »
It’s the twentieth anniversary of the ILOVEYOU virus, and here are three interesting articles about it and its effects on software design. Powered by WPeMatico
Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam. At a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the … Read More “Malware in Google Apps” »
Microsoft is reporting that an Emotat malware infection shut down a network by causing computers to overheat and then crash. The Emotet payload was delivered and executed on the systems of Fabrikam — a fake name Microsoft gave the victim in their case study — five days after the employee’s user credentials were exfiltrated to … Read More “Emotat Malware Causes Physical Damage” »
Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday, Google’s security and anti-abuse research lead Elie Bursztein will present findings on how the new deep-learning scanner for documents is faring against the 300 billion attachments it has to process each week. … Read More “Deep Learning to Find Malicious Email Attachments” »
EKANS is a new ransomware that targets industrial control systems: But EKANS also uses another trick to ratchet up the pain: It’s designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. That allows it to then encrypt the data that those control system programs interact … Read More “New Ransomware Targets Industrial Control Systems” »