This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On February 08, 2019

Monday 2/4

Google Yanks 29 Malicious Photo Apps From Play Store, But Not Before Millions of Downloads

Google yanked some 29 photo apps from the Play Store this week after they were discovered to contain malicious code that pushes full-screen ads, steals information from users by tricking them into believing they have won a contest, and in some cases even lifts photos from devices to send to the malware designers behind the apps.

http://bit.ly/2WIdwuz

This password-stealing phishing attack comes disguised as a fake meeting request from the boss

The phishing messages spoof the name and email address of the CEO of the company being targeted and use a subject line including the company name and a note about the meeting to gain the attention of potential victims. Users are more likely to fall for attacks they believe come from their boss.

https://zd.net/2MLtf7E

Siri Shortcuts can be abused for extortion demands, malware propagation

A malicious Siri Shortcut script can also be made into a worm that automatically messages a victim's entire contacts list with a link to its source, asking others to install the script as well. It can also spread download links to even more potent malware, not just other Siri Shortcuts.

https://zd.net/2MPgxEX

Tuesday 2/5

Security researchers discover new Linux backdoor named SpeakUp

This script can scan local networks for open ports, brute-force nearby systems using a list of pre-defined usernames and passwords, and use one of seven exploits to take over unpatched systems.

https://zd.net/2WDs0Mx

Check Point partners with Ericom to jointly prevent browser-based attacks

The partnership combines Ericom’s Remote Browser Isolation (RBI) technology with Check Point’s threat intelligence security protection to generate a robust defense system that enables organizations to prevent web-borne threats and secure user access to all vital browser-based services and assets.

http://bit.ly/2DW72kN

Wednesday 2/6

Cyberattacks to watch for in 2019

Organizations will face cyber security threats in eight key areas in 2019, including information warfare, chip and PIN weaknesses, weaponization of adware networks, and more.

https://zd.net/2TAYuoy

Tech Support Scams Now Get Users to Install Potentially Unwanted Apps

Tech support scammers’ modus operandi is to get the victim to believe that their computer has been infected with malware, and that their only recourse is to call a technical support number for assistance in cleaning the system. Once on the call, a purported support executive asks the victim for remote access to their computer and then charges a fee for the supposed cleaning they did.

https://symc.ly/2UFhFh2

Thursday 2/7

Microsoft security chief: Internet Explorer is not a browser so stop using it as your default

The gist of Jackson's argument is that you should use Internet Explorer only selectively, for internal sites that need it. He points to tools like Enterprise Mode Site List in IE 11 that help customers make the transition and limit IE use to where it's needed.

https://zd.net/2RH7gjf

Geodo Botnets Using New Spam Campaign to Deliver Qakbot Malware

This attack campaign comes amid a rise in activity for banking Trojans such as Qakbot and IcedID. Check Point observed a 50 percent increase in banking Trojan activity in the first half of 2018, with Dorkbot and Ramnit earning spots on the company’s “Most Wanted Malware” list for June of that year.

https://ibm.co/2tcflT3

Friday 2/8

Google warns about two iOS zero-days ‘exploited in the wild’

According to the Apple iOS 12.1.4 security changelog, CVE-2019-7286 impacts the iOS Foundation framework, one of the core components of the iOS operating system. The second zero-day, CVE-2019-72867, impacts I/O Kit, another iOS core framework that handles I/O data streams between the hardware and the software.

https://zd.net/2SgZ0LO

Deliver an exceptional end-user experience for your Citrix Workspace environment

Citrix Cloud services can deploy digital workspaces within hours, moving your sensitive app, desktop, and data resources to any cloud or hybrid cloud. It brings together everything a business needs to get work done, including apps, desktops, and files across any cloud and data center, and provides secure access on all networks and devices.

http://bit.ly/2GhMl56

WDigest Clear-Text Passwords: Stealing More Than a Hash

A configuration related to WDigest could hinder the security of your environment, specifically on the endpoint, by allowing an attacker to steal clear-text credentials from memory. Microsoft’s security update (KB2871997) addresses the issue on older versions of Windows, whereas newer versions should be secured by default.

http://bit.ly/2BrCgP3