This Week in Technology

This Week in Technology

By Eric Corcoran
Posted in Technology Week in Review
On February 08, 2019

Monday 2/4

Google Yanks 29 Malicious Photo Apps From Play Store, But Not Before Millions of Downloads

Google yanked some 29 photo apps from the Play Store this week after they were discovered to have malicious code that pushes full-screen ads, steals information from users by tricking them into believing they have won a contest, and in some cases even lifted photos from devices to send to the malware designers behind the apps.

This password-stealing phishing attack comes disguised as a fake meeting request from the boss

The phishing messages spoof the name and email address of the CEO of the company being targeted and uses a subject line including the company name and a note about the meeting to gain the attention of potential victims. Users are more likely to fall for attacks they believe to come from their boss.

Siri Shortcuts can be abused for extortion demands, malware propagation

A malicious Siri Shortcut script can also be made into a worm that automatically messages a victim's entire contacts list with a link to its source, asking others to install the script as well. It can also spread download links to even more potent malware, not just other Siri Shortcuts.

Tuesday 2/5

Security researchers discover new Linux backdoor named SpeakUp

This script can scan local networks for open ports, brute-force nearby systems using a list of pre-defined usernames and passwords, and use one of seven exploits to take over unpatched systems.

Check Point partners with Ericom to jointly prevent browser-based attacks

The partnership combines Ericom’s Remote Browser Isolation (RBI) technology with Check Point’s threat intelligence security protection to generate a robust defense system that enables organizations to prevent web-borne threats and secure user access to all vital browser-based services and assets.

Wednesday 2/6

Cyberattacks to watch for in 2019

Organizations will face cyber security threats in eight key areas in 2019 including information warfare, chip and pin weaknesses, weaponization of adware networks, and more.

Tech support Scams Now Get Users to Install Potentially Unwanted Apps

Tech support scammers’ modus operandi is to get the victim to believe that their computer has been infected with malware, and that their only recourse is to call a technical support number for assistance on cleaning the system. Once on the call, a purported support executive would ask the victim for remote access to their computer and then charge a fee for the supposed cleaning they did.

Thursday 2/7

Microsoft security chief: Internet Explorer is not a browser so stop using it as your default

The main gist of Jackson's argument is you should only use Internet Explorer selectively for internal sites that need it, pointing to tools like Enterprise Mode Site List in IE 11 that help customers make the transition and limit IE use to where it's needed.

Geodo Botnets Using New Spam Campaign to Deliver Qakbot Malware

This attack campaign comes amid a rise in activity for banking Trojans such as Qakbot and IcedID. Check Point observed a 50 percent increase in banking Trojan activity in the first half of 2018, with Dorkbot and Ramnit earning spots on the company’s “Most Wanted Malware” list for June of that year.

Friday 2/8

Google warns about two iOS zero-days ‘exploited in the wild’

According to the Apple iOS 12.1.4 security changelog, CVE-2019-7286 impacts the iOS Foundation framework --one of the core components of the iOS operating system. The second zero-day, CVE-2019-72867, impacts I/O Kit, another iOS core framework that handles I/O data streams between the hardware and the software.

Deliver an exceptional end-user experience for your Citrix Workspace environment

Citrix Cloud services can deploy digital workspaces within hours, moving your sensitive app, desktop, and data resources to any cloud or hybrid cloud. It brings together everything a business needs to get work done, including apps, desktops, and files across any cloud and data center, and provides secure access on all networks and devices.

WDigest Clear-Text Passwords: Stealing More Than a Hash

A configuration related to WDigest could hinder the security of your environment, specifically on the endpoint, by allowing an attacker to steal clear-text credentials from memory. Microsoft’s security update (KB2871997) addresses the issue on older versions of Windows, whereas newer versions should be secured by default.