Android malware on Google Play adds devices to botnet

We have encountered a new and highly prevalent type of Android malware (detected as Android.Sockbot) posing as apps on Google Play and later adding compromised devices into a botnet. So far we have identified at least eight such apps, with an install base ranging from 600,000 to 2.6 million devices. This malware appears primarily targeting…

Google offers Advanced Protection for high-risk users of its services

High-risk Google users – journalists, human rights and civil society activists, but also campaign staffers and people in abusive relationships – can now take advantage of Google’s Advanced Protection Program to keep their account safe from extremely targeted attacks. What is Advanced Protection? “Advanced Protection provides Google’s strongest security, designed for those who are at…

Taiwan Bank Heist Linked to North Korean Hackers

A recent cyber-heist that targeted a bank in Taiwan has been linked by security researchers to an infamous threat group believed to be operating out of North Korea. Hackers exploited the SWIFT global financial network to steal roughly $60 million from Taiwan’s Far Eastern International Bank. The money was transferred to several countries, but bank…

Security Pros Admit Snooping on Corporate Network: Survey

IT security professionals, particularly executives, often access information that is not relevant to their day-to-day work, according to a new One Identity study focusing on “snooping” on the corporate network. Dimensional Research polled more than 900 IT security professionals on behalf of One Identity. The respondents were from various types of companies in the United…

Android Ransomware Abuses Accessibility Services

A newly discovered ransomware family targeting Android devices is abusing the platform’s accessibility services, ESET warns. Dubbed DoubleLocker, this innovative Android malware doesn’t merely encrypt users’ data, but also locks the infected devices down, security researchers from ESET say. The ransomware is based on the source code of BankBot banking Trojan, which is already known for misusing…

Tech Giants Warn of Crypto Flaw in Infineon Chips

Microsoft, Google, HP, Lenovo and Fujitsu have warned customers of a potentially serious crypto-related vulnerability affecting some chips made by German semiconductor manufacturer Infineon Technologies. TPM vulnerability allows attackers to obtain private RSA keys. The flaw, tracked as CVE-2017-15361, is related to the Trusted Platform Module (TPM), an international standard designed for protecting crypto processes…

Printers: The Weak Link in Enterprise Security

Organizations frequently overlook printer security, leaving systems exposed to malware and theft. New tools aim to lessen the risk. PC security has become a priority for security leaders following global ransomware attacks earlier this year. If they didn’t before, everyone from CISOs to everyday consumers knows it’s a bad idea to ignore security updates or…

How to survive the worsening cyber threat landscape

Don’t expect the cyber threat landscape to get safer anytime soon. That’s the message given by speakers at two recent Boston-based events. “By any measure you want to use, the trend line is going the wrong way,” said Rob Joyce, White House cybersecurity coordinator, speaking at the Cambridge Cyber Summit hosted by CNBC and The…

Hackers Used Government Servers in DNSMessenger Attacks

A recently discovered DNSMessenger campaign is abusing compromised U.S. state government servers to host malware, Cisco Talos security researchers say. First uncovered in early March, the DNSMessenger attack involved the use of DNS requests to establish communication between a PowerShell RAT and its command and control (C&C) servers. Completely fileless and invisible to most standard defenses, the…