From gbhackers.com
Researchers discovered major vulnerabilities in several Free VPN apps for Android that allow attackers to perform dangerous Man-in-the-Middle Attacks and steal usernames, passwords, photos, videos, messages and more.
There are several VPN’s caught in this list that downloaded more than 120 million times from Google Play and the Free VPN called SuperVPN alone downloaded 100 million times.
From 2-spyware.com
Coom ransomware is the cryptovirus that gets released on the system to encrypt common files and make them useless. Developers designed the threat to then release a ransom note READ_IT.txt that directly states what the victim should do next – pay at least 0.015BTC., the ransom can differ from victim to victim, depending on the target and the value of stored and affected files. The particular file is not displaying much information, only stating that the person needs to pay to get those files unlocked and how to obtain Bitcoins for the payment. There is no contact information that could help to communicate with virus developers, so victims have not many options.
From 2-spyware.com
Clear your iPhone from malicious attacks is a rogue notification that appears on the Apple mobile phone’s calendar. The potentially unwanted program, mostly, adware that enters the targeted device hacks the person’s calendar and includes suspicious virus warnings, news reports, and fake prize claims as events. According to research, Clear your iPhone from malicious attacks Calendar spam mostly appears on iPhone devices and because of this it refers to the iPhone virus category but might also be able to enter other operating systems such as Windows or Mac.
From tripwire.com
The climb is getting steeper, but thanks to hard work, vision and insight are much keener. At ML:4, all assets are scanned by a combination of agent and remote scans on a normal cadence. This will generate a lot of data dictated by threat and patch priority.
From tripwire.com
Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may look to manipulate, interrupt, or destroy your systems and data. The Impact tactic describes techniques that adversaries use to compromise the availability or integrity of your systems and data. This tactic was introduced to capture disruptive behavior such as ransomware, denial of service, and other destructive enterprise attacks that aren’t captured by the other ATT&CK tactics.
From isc.sans.edu
Since I was exposed to three different online scam campaigns in the last three weeks, without having to go out and search for them, I thought that today might be a good time to take a look at how some of the current online scams work.
All of the campaigns we’ll mention seemed to target people in the Czech Republic, although not exclusively, as one of the landing pages I found had at least 20 different regional variants set up for countries from all over the world. In cases where I was unable to find an English version of a page, I had Chrome translate it – the results are not always pretty, but should be sufficient for our purposes.
From zdnet.com
Hackers have found a bug in PayPal’s Google Pay integration and are now using it to buy products online and incur unauthorized charges to PayPal accounts.
Since last Friday, users have reported seeing mysterious transactions pop up in their PayPal history as originating from their Google Pay account.