CyberSecurity Updates

Antivirus Provider Dr. Web Discovers Numerous Malicious Apps on Google Play Store

Before downloading any app from the Play Store, users should read its reviews to help verify its legitimacy. It is also important to make sure Play Protect is active. Users who find any of the apps mentioned above on their devices should delete them immediately. https://www.bleepingcomputer.com/news/security/android-malware-apps-with-2-million-installs-spotted-on-google-play/?&web_view=true


Apple Faces Critics Over Its Privacy Policies

Apple presents itself as a white knight on the subject of privacy, but critics say its own advertising ambitions are built on anti-competitive practices. Two developers going by the name ‘Mysk’ claimed last month that Apple was tracking users’ every tap on the App Store, with no way of disabling the function. A class action lawsuit was subsequently filed in California, claiming that Apple’s “promises regarding privacy are utterly false”. The company has not commented…


CISA Adds One Known Exploited Vulnerability to Catalog

Original release date: December 5, 2022. CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column, which will sort by descending dates. Binding Operational Directive (BOD)…


FCC’s proposal to strengthen emergency alert security might not go far enough

In October, the US Federal Communications Commission (FCC) launched a notice of proposed rulemaking (NPRM) to strengthen the security of the nation’s emergency alert system (EAS) and wireless emergency alerts (WEA). These systems warn the public about emergencies through alerts on their televisions, radios, and wireless phones via AM, FM, satellite radio, broadcast, cable, and satellite TV. Although EAS Participants are required to broadcast presidential alerts, they voluntarily participate in broadcasting state and local EAS…


When blaming the user for a security breach is unfair – or just wrong

In his career in IT security leadership, Aaron de Montmorency has seen a lot — an employee phished on their first day by someone impersonating the CEO, an HR department head asked to change the company’s direct deposit information by a bogus CFO, not to mention multichannel criminal engagement with threat actors attacking from social media to email to SMS text. In these cases, the users almost fell for it, but something didn’t feel right.…


Number Nine! Chrome fixes another 2022 zero-day, Edge not patched yet

By Paul Ducklin. It’s just under two weeks since Google rushed out a Chrome patch for the then-current version 107 to seal off a bug that was already being used in real-life attacks. The company said nothing more about that bug than to describe it as a “heap buffer overflow in GPU” [sic], and to report that it was already being used in real-world attacks. Google left all of the following questions unanswered: How might…


FBI Director Raises National Security Concerns About TikTok

FBI Director Chris Wray is raising national security concerns about TikTok, warning Friday that control of the popular video sharing app is in the hands of a Chinese government “that doesn’t share our values.” Wray said the FBI was concerned that the Chinese had the ability to control the app’s recommendation algorithm, “which allows them to manipulate content, and if they want to, to use it for influence operations.” He also asserted that China could…


ScarCruft updates its toolset – Week in security with Tony Anscombe

Deployed against carefully selected targets, the new backdoor combs through the drives of compromised systems for files of interest before exfiltrating them to Google Drive. This week, ESET researchers published their analysis of a previously undocumented backdoor that the ScarCruft APT group has used against carefully selected targets. ScarCruft is an espionage group that has been operating since at least 2012 and mainly takes aim at South Korea. The group’s new backdoor, which ESET named…


Apple pushes out iOS security update that’s more tight-lipped than ever

By Paul Ducklin. It’s just under a month since iOS 16.1.1 came out for Apple iPhone users, fixing a pair of bugs that were listed with the worrying words “a remote user may be able to cause unexpected app termination or arbitrary code execution”. Both macOS 13 Ventura and iPadOS got updated at the same time, with a pair of security bulletins published on Apple’s web site. Now, there’s another security update, apparently moving iPhone…


Newly Discovered Lilac Wolverine Associated with Gift Card Scams

Gift card email scams still work as cyber criminals know how to exploit users’ emotions. Therefore, be cautious of such unsolicited emails that carry an emotionally charged plea to help someone who does not exist. Having good email security measures also helps block such emails from reaching inboxes. https://cyware.com/news/newly-discovered-lilac-wolverine-associated-with-gift-card-scams-8827ee76
