Malware

Android apps are constantly being used by threat actors because of the availability of third-party app stores and the lack of strict app guidelines for apps published within those stores. Android users should only download apps through the official Google Play Store and only from trusted developers. https://www.bleepingcomputer.com/news/security/new-hook-android-malware-lets-hackers-remotely-control-your-phone/

Even though the data stolen in the breach did not include sensitive information, the stolen data could still be used to carry out attacks if used in conjunction with other publicly available data. The company has stated that the malicious activity has been contained at this point for this attack. Whenever a customer is notified by a company of a data breach, they should ensure they are taking the proper steps to protect themselves including…

BOLDMOVE demonstrates the value of two key things – patching and a defense in depth strategy. As this malware spreads primarily through FortiOS devices, which contain minimal logging capabilities, it can go undetected for large periods of time. Patching, however, would mitigate the threat as the systems would not be vulnerable in the first place. With up to date patching, this malware cannot spread unchecked throughout the environment, making it the best defense against this…

It has almost been a year since the invasion of Ukraine, and security researchers have discovered a series of new malware deployed against Ukrainian targets. These attacks have caused more global cooperation in support of Ukraine as well as a better understanding of Russian cyber capabilities and tactics. Russians have been targeting telecommunications, new agencies, and social media platforms to disrupt the flow of information within Ukraine. Although several attacks have been successful, CERT-UA has…

After the first breach was suffered, Mailchimp stated they’d be reassessing their security posture and making changes. Now that a second breach has occurred, it’s unclear if they did not take these steps, or their new defenses simply failed. Taking preventative security measures can go a long way and save valuable time, money, and reputation. Cyber attacks are not slowing down anytime soon, so it’s advised that companies that have not taken the next steps…

Credential stuffing attacks are a technique of using lists of credentials from past data breaches against a new site, with the goal of finding an account that reuses those compromised credentials across multiple sites. From and organizational standpoint, the best action to take against credential stuffing attacks is to educate end users on this form of attack and advise them of the dangers of using an identical password across multiple sites. In many cases, however,…