Cybersecurity Starts in the Boardroom
This attack by the pro-North Korean APT 37 espionage group has been aimed at specific targets. The malware exploits a backdoor in Windows and steals sensitive data from the infected PC and exfiltrates it to a Google Drive. ESET researchers also discovered the malware shows the capability to steal data …
Continue reading “Windows malware that can attack your phone”
The apps PC Keyboard, Lazy Mouse, and Telepad have been discovered to have serious vulnerabilities in their code: Critical RCE bugs in Android remote keyboard apps with 2M installs (bleepingcomputer.com) This is the case for both the free and paid for versions and could expose the keypresses to monitoring and …
Continue reading “Android remote keyboard apps with +2M downloads vulnerable”
Apple declares that sharing device usage information with them is anonymous, but researchers are claiming this is not true and Apple can associate actual iCloud users to this shared information. Apple Device Analytics Contain Identifying iCloud User Data, Claim Security Researchers – MacRumors Would Apple do this? They are already …
Continue reading “Can Apple identify us from “anonymous” data?”
Here are a couple of the current examples of Android malware that could compromise your organisation, reported in the technical press this week. New SandStrike spyware infects Android devices via malicious VPN app (bleepingcomputer.com) Malicious Android apps with 1M+ installs found on Google Play (bleepingcomputer.com) They have different malicious intent …
Legitimate software vendors update and patch their products to combat threat actors, so it is no surprise to see that threat actors update and patch their malicious products to evade updated defences: Hacking group updates Furball Android spyware to evade detection (bleepingcomputer.com) Just make sure you manage those Android devices …
Continue reading “Malicious Android apps get an update to avoid detection”
