ThreatList: Skype-Themed Apps Hide a Raft of Malware
Hundreds of thousands of malware files are disguised as well-known social conferencing and collaboration apps.
Source: Threat Post – Web Security –
[...]
AuthorTara Seals
xHelper: The Russian Nesting Doll of Android Malware
Ultimately delivering the Triada payload, xHelper goes to great lengths to become virtually indestructible once installed on a smartphone.
Source: Threat Post
[...]
Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?
COVID-19’s effect on work footprints has created an unprecedented challenge for IT and security staff. Many departments are scrambling to enable collaboration apps
[...]
44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig
Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.
[...]
Critical WordPress Plugin Bug Can Lock Admins Out of Websites
A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors.
Source:
[...]
Watering-Holes Target Asian Ethnic Victims with Flash Update Decoy
About 10 compromised websites employ a multi-stage, targeted effort to fingerprint and compromise victims.
Source: Threat Post – Web Security – Watering-Holes
[...]
Nation-State Attacks Drop in Latest Google Analysis
Phishing and zero-days continue to be a core part of the APT arsenal.
Source: Threat Post – Web Security – Nation-State Attacks
[...]
Zeus Sphinx Banking Trojan Arises Amid COVID-19
The malware is back after three years, looking to cash in on interest in government relief efforts around coronavirus.
Source: Threat Post
[...]
Critical CODESYS Bug Allows Remote Code Execution
CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill
[...]
Emerging APT Mounts Mass iPhone Surveillance Campaign
The malware, the work of a new APT called TwoSail Junk, allows deep surveillance and total control over iOS devices.
Source: Threat
[...]