Play Store identified as main distribution vector for most Android malware
www.zdnet.com/article/play-store-identified-as-main-distribution-vector-for-most-android-malware The official Google Play Store has been identified as the primary source of malware installs on Android devices in a recent academic study considered the largest one of its kind carried out to date. Also: arxiv.org/pdf/2010.10088.pdf
Facebook link preview feature used as a proxy in website-scraping scheme
www.zdnet.com/article/facebook-link-preview-feature-used-as-a-proxy-in-website-scraping-scheme Multiple data-scraping groups have abused the Facebook link preview feature to scrape data from internet sites disguised as Facebook’s content crawler.
The Third-Party Ransomware Attack You Never Saw Coming
www.recordedfuture.com/understanding-third-party-ransomware-risk/ Ransomware attacks on third parties are not new, but their increasing frequency means that you need to treat it as an inevitability.
Recent ransomware wave targeting Israel linked to Iranian threat actors
www.zdnet.com/article/recent-ransomware-wave-targeting-israel-linked-to-iranian-threat-actors Israeli companies have seen an uptick in attacks and successful infections with the Pay2Key and WannaScream ransomware.
Targeted ransomware: it’s not just about encrypting your data!
securelist.com/targeted-ransomware-encrypting-data/99255/ When we talk about ransomware, we need to draw a line between what it used to be and what it currently is. Why? Because nowadays ransomware is not just about encrypting data; it’s primarily about data exfiltration.
Police have also established the identity of the person who threatened Minna Canthin koulu in Kuopio and are now investigating a third school-threat perpetrator
www.poliisi.fi/tietoa_poliisista/tiedotteet/1/1/poliisi_on_selvittanyt_myos_kuopion_minna_canthin_kouluun_kohdistuneen_uhkailijan_henkilollisyyden_ja_selvittaa_nyt_kolmatta_koulu-uhkauksen_tekijaa_… The Eastern Finland Police Department has continued investigating the threats made via the Jodel messaging app against two schools in Kuopio (Hatsalan koulu and Minna Canthin koulu). Also:
COVID-19 Data-Sharing App Leaked Healthcare Worker Info
threatpost.com/covid-19-data-leaked-healthcare-worker-info/161108/ Philippines COVID-KAYA app allowed for unauthorized access typically protected by ‘superuser’ credentials and also may have exposed patient data.
DDoS attacks are cheaper and easier to carry out than ever before
www.zdnet.com/article/ddos-attacks-are-cheaper-and-easier-to-carry-out-than-ever-before/ The sheer amount of insecure devices out there, particularly IoT products, means it’s simple for cyber criminals to create botnets and lease them out.
Minecraft Apps on Google Play Fleece Players Out of Big Money
threatpost.com/minecraft-apps-google-play-fleece-players/161125/ Fans of the popular Minecraft video game are in the crosshairs of cybercriminals, who have loaded up Google Play with scam apps bent on fleecing players out of cash. Also:
Decrypting OpenSSH sessions for fun and profit
blog.fox-it.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/ A while ago we had a forensics case in which a Linux server was compromised and a modified OpenSSH binary was loaded into the memory of a webserver. The modified OpenSSH binary was used as a backdoor to the system for the attackers.