CyberSecurity Updates

Malware found in more than 190 Android apps

SpinOk malware has been found in multiple Android apps that have been downloaded more than 30 million times. The malware-riddled apps were found on the Google Play store, following an investigation by cyber security company CloudSEK. Following their investigation, the research team found that 193 apps on the Google Play store were infected with malware, 43 of which were active within the last week. SpinOk malware was first discovered by cyber security software company Dr…


VMware Plugs Critical Flaws in Network Monitoring Product

Virtualization technology giant VMware on Wednesday shipped urgent patches to cover security defects in the Aria Operations for Networks product, warning that the flaws expose businesses to remote code execution attacks. VMware released an advisory documenting three critical-severity vulnerabilities haunting the network and application monitoring tool and called special attention to a command injection issue (CVE-2023-20887) that carries a CVSSv3 base score of 9.8/10. “A malicious actor with network access to VMware Aria Operations for…


New tool enables team collaboration on security case management

Security automation and orchestration platform Tines has added a new case management capability, dubbed Cases, to allow security teams to collaborate on security incidents. This collaboration feature is aimed at enabling the teams to efficiently handle anomalies, automation, and remediations. “With Cases, Tines users — which range from startups to Fortune 10 — can deploy a new capability that addresses the critical flaws in existing case management solutions, from a lack of customizations and integrations…


Sysdig adds “end-to-end” detection and response to CNAPP

Cloud security firm Sysdig has embedded cloud detection and response (CDR) into its cloud-native application protection platform (CNAPP). The company claims to be the first vendor to offer this consolidation, a move that enables its CNAPP to detect threats with 360-degree visibility and correlation across workloads, identities, cloud services, and third-party applications. It leverages Falco, a widely adopted open-source standard for cloud threat detection governed by the Cloud Native Computing Foundation, in both agent and…


CISA and FBI Release #StopRansomware: CL0P Ransomware Gang Exploits MOVEit Vulnerability

CISA and FBI released a joint Cybersecurity Advisory (CSA), CL0P Ransomware Gang Exploits MOVEit Vulnerability, in response to a recent vulnerability exploitation attributed to CL0P Ransomware Gang. This joint guide provides indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) identified through FBI investigations as recently as May this year. Additionally, it provides immediate actions to help reduce the impact of CL0P ransomware. The CL0P Ransomware Gang, also known as TA505, reportedly began exploiting a previously unknown SQL…


Over 60,000 Android apps infected with adware-pushing malware

Bitdefender has uncovered a hidden malware campaign living undetected on mobile devices worldwide for more than six months. The campaign is designed to push adware to Android devices with the purpose of driving revenue. “However, the threat actors involved can easily switch tactics to redirect users to other types of malware, such as banking trojans to steal credentials and financial information or ransomware,” Bitdefender said in a blog. To date, the cybersecurity firm has discovered…


10 security tool categories needed to shore up software supply chain security

As security leaders progress in their establishment of software supply chain security programs, they face a good news-bad news situation with the tools available to them — literally: the technology is rapidly advancing for good and for bad. The good news of the rapidly advancing software supply chain security technology is that the brisk pace of innovation provides increasing opportunities to gain greater visibility and transparency into the vast array of components and code that…


Service Rents Email Addresses for Account Signups

One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers. The service in question —…


7 tips for spotting a fake mobile app

Plus, 7 ways to tell that you downloaded a sketchy app and 7 tips for staying safe from mobile security threats in the future. You’ve just downloaded a new mobile game, cryptocurrency wallet, or fitness app, but something isn’t right. Your phone’s screen is swamped by annoying ads, the app is not doing what you would expect it to do, and, God forbid, you found an unauthorized transaction on your bank account. Chances are good that…


MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do…

By Paul Ducklin. Last week, Progress Software Corporation, which sells software and services for user interface development, devops, file management and more, alerted customers of its MOVEit Transfer and related MOVEit Cloud products about a critical vulnerability dubbed CVE-2023-34362. As the name suggests, MOVEit Transfer is a system that makes it easy to store and share files throughout a team, a department, a company, or even a supply chain. In its own words, “MOVEit provides…
