Device Security, Malware, Data security, Social engineering
SC StaffNovember 2, 2022
Android devices are being compromised with the caller SandStrike spyware distributed done a malicious VPN app, BleepingComputer reports. Social media accounts are being leveraged by menace actors to people Persian-speaking practitioners of the Bah Faith, a study from Kaspersky revealed. "To lure victims into downloading spyware implants, the SandStrike adversaries acceptable up Facebook and Instagram accounts with much than 1,000 followers and designed charismatic religious-themed materials, mounting up an effectual trap for adherents of this belief. Most of these societal media accounts incorporate a nexus to a Telegram transmission besides created by the attacker," said Kaspersky. Aside from exfiltrating telephone logs and interaction lists, SandStrike could besides show Android instrumentality activity, the study added. While SandStrike is yet to beryllium pinned to a circumstantial menace actor, different Kaspersky study showed that Exchange servers successful the Middle East susceptible to ProxyLogon vulnerabilities are being targeted with the caller FramedGolf backdoor. "The malware has been utilized to compromise astatine slightest a twelve organizations, starting successful April 2021 astatine the latest, with astir inactive compromised successful precocious June 2022," Kaspersky added.
Elon Tweets, Microsoft, KELA, Chegg, Overclocking, ConnectWise, & Aaran Leyland – SWN #252
November 1, 2022
This week successful the news, Dr. Doug talks: Elon Tweets, Microsoft, KELA, Chegg, Overclocking, Connectwise, and telephone repairs, on with Aaran Leyland connected the Security Weekly News!
More wide installed malicious Android apps identified
SC StaffNovember 2, 2022
BleepingComputer reports 4 malicious Android apps developed by Mobile apps Group with much than a cardinal cumulative downloads successful the Google Play Store person been enabling the theft of delicate accusation done phishing sites and "pay-per-click" gross generation.
Funding circular lands $25M for MedCrypt
SC StaffNovember 2, 2022
Medical instrumentality cybersecurity supplier MedCrypt has landed $25 cardinal successful a Series B backing round, bringing full concern to $34 million, successful a bid to amended support healthcare providers from aesculapian device-targeted cyberattacks, according to SiliconAngle.