- The Hacker News
August 03, 2023. The Hacker News published: Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users.
"Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team (GCAT) said in its August 2023 Threat Horizons Report shared with The Hacker News.
While versioning is not a new phenomenon, it's sneaky and hard to detect. In this method, a developer releases an initial version of an app on the Play Store that passes Google's pre-publication checks, but is later updated with a malware component.
This is achieved by pushing an update from an attacker-controlled server to serve malicious code on the end user device using a method called dynamic code loading (DCL), effectively turning the app into a backdoor.
- BleepingComputer
August 03, 2023. BleepingComputer published: The malicious Rilide Stealer Chrome browser extension has returned in new campaigns targeting crypto users and enterprise employees to steal credentials and crypto wallets.
Rilide is a malicious browser extension for Chromium-based browsers, including Chrome, Edge, Brave, and Opera, that Trustwave SpiderLabs initially discovered in April 2023.
When first discovered, the Rilide browser extension impersonated the legitimate Google Drive extensions to hijack the browser, monitor all user activity, and steal information like email account credentials or cryptocurrency assets.
- BleepingComputer
May 22, 2023. BleepingComputer published: The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software during attacks. The driver seen by Trend Micro is an improved version of the malware known as 'POORTRY' that Microsoft, Mandiant, Sophos, and SentinelOne spotted in ransomware attacks late last year.
- BleepingComputer
May 16, 2023. BleepingComputer published that updates have been available and that both updates are triggering the L2TP/IPsec VPN speed issues after deployment. Additional user reports reveal that, apparently, the issue affects only Wi-Fi connections, with wired ones not impacted by the speed drop.
- SANS Internet Storm Center
May 15, 2023. SANS Internet Storm Center published: The Internet Storm Center often receives examples of current malspam and phishing e-mails from our readers. Most of them are uninteresting, but some turn out to be notable for one reason or another. This was the case with several messages that Charlie, one of our readers, has submitted to us since the beginning of 2023.
- New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages
- Microsoft Fixes Windows Bug, Secure Boot Bypass Under Active Attack
- Gmail Gets Blue Verification Checks to Protect Against Spoofing and Phishing
- iPhone Users Report Problems Installing Apple's First Rapid Security Response Update
- LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads