Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com) And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
Twitter user data is from an old data breach but Uber’s is a new one!
The vast amount of Twitter user data that has recently been exposed online is from a data breach from 2021, not a new data breach according to Twitter. Twitter confirms recent user data leak is from 2021 breach (bleepingcomputer.com) None of these big tech companies ever give the impression in …
Continue reading “Twitter user data is from an old data breach but Uber’s is a new one!”
Vulnerable and malicious Android apps
There have been several stories this week highlighting issues with Android apps: Compromised Android keys used to sign info-stealing malware • The Register Android malware apps with 2 million installs spotted on Google Play (bleepingcomputer.com) New ‘Zombinder’ platform binds Android malware with legitimate apps (bleepingcomputer.com) I have written about the …
Zerobot malware targets a wide range of vulnerable devices – are your devices on the list?
From online CCTV cameras to popular router modems, Zerobot malware is infecting devices that have not been patched to build a network to carry out distributed denial of service attacks (DDoS). New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices (bleepingcomputer.com) The Bleeping Computer article has the details …
Do you have an Android device?
Google has released an Android update that fixes a range of vulnerabilities: Android December 2022 security updates fix 81 vulnerabilities (bleepingcomputer.com) Unlike Apple, who control both the hardware and software in its eco-system and updates apply to all “in support” devices, Google does not so there are many flavours of …
