Android apps with 45 million installs used data harvesting SDK.
Views expressed in this cybersecurity-cybercrime update are those of the reporters and correspondents.
Accessed on 07 April 2022, 2332 UTC.
Content provided by “BleepingComputer.com” via https://feedly.com.
Please click link or scroll down to read your selections.
Android apps with 45 million installs used data harvesting SDK
Mobile malware analysts warn about a set of applications available on the Google Play Store, which collected sensitive user data from over 45 million devices. […]
FIN7 hacking group ‘pen tester’ sentenced to 5 years in prison
Denys Iarmak, a Ukrainian member and a “pen tester for the FIN7 financially-motivated hacking group, was sentenced on Thursday to 5 years in prison for breaching victims’ networks and stealing credit card information for roughly two years, between November 2016 and November 2018. […]
Microsoft takes down APT28 domains used in attacks against Ukraine
Microsoft has successfully disrupted attacks against Ukrainian targets coordinated by the Russian APT28 hacking group after taking down seven domains used as attack infrastructure. […]
Google boosts Android security with new set of dev policy changes
Google has announced several key policy changes for Android application developers that will increase the security of users, Google Play, and the apps offered by the service. […]
New malware targets serverless AWS Lambda with cryptominers
Security researchers have discovered the first malware specifically developed to target Amazon Web Services (AWS) Lambda cloud environments with cryptominers. […]
Malicious web redirect service infects 16,500 sites to push malware
A new TDS (Traffic Direction System) operation called Parrot has emerged in the wild, having already infected servers hosting 16,500 websites of universities, local governments, adult content platforms, and personal blogs. […]
Bearded Barbie hackers catfish high ranking Israeli officials
The Hamas-backed hacking group tracked as ‘APT-C-23’ was found catfishing Israeli officials working in defense, law, enforcement, and government agencies, ultimately leading to the deployment of new malware. […]
Palo Alto Networks firewalls, VPNs vulnerable to OpenSSL bug
American cybersecurity company Palo Alto Networks warned customers on Wednesday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago […]
New FFDroider malware steals Facebook, Instagram, Twitter accounts
A new information stealer named FFDroider has emerged, stealing credentials and cookies stored in browsers to hijack victims’ social media accounts. […]
UK retail chain The Works shuts down stores after cyberattack
British retail chain The Works announced it was forced to shut down several stores due to till issues caused by a cyber-security incident involving unauthorized access to its computer systems. […]
VMware warns of critical vulnerabilities in multiple products
VMware has warned customers to immediately patch critical vulnerabilities in multiple products that could be used by threat actors to launch remote code execution attacks. […]
Ongoing Atlassian Jira, Confluence outage affects customers worldwide
An ongoing outage affects numerous Atlassian customers, causing their Jira and Confluence instances to not be accessible for over twenty-four hours. […]
US disrupts Russian Cyclops Blink botnet before being used in attacks
US government officials announced today the disruption of the Cyclops Blink botnet controlled by the Russian-backed Sandworm hacking group before being used in attacks. […]
Microsoft: Multiple .NET Framework versions reach end of life in April
Microsoft has reminded customers that multiple .NET Framework versions signed using the insecure Secure Hash Algorithm 1 (SHA-1) will reach their end of life this month. […]
AMD confirms GPU driver bug overclocks CPUs without permission
AMD is investigating an issue in its GPU software suite that causes an auto-adjustment of AMD Ryzen CPU performance settings for users without permission. […]
U.S. sanctions crypto-exchange Garantex for aiding Hydra Market
The U.S. Department of the Treasury’s Office has announced sanctions against the cryptocurrency exchange Garantex, which has been linked to illegal transactions for Hydra Market. […]
For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.
https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, information security)