Google Play stocks malicious apps

Key details: 12/02/2017 Google Play fooled into stocking malicious apps that were downloaded by over 1 million users. Another example of Google Play’s security and checking processes that have failed, allowing malicious applications to be made available to users. Fake App Most of these apps were uploaded to Google Play in October 2017 Cyber criminals were publishing malicious apps on Google Play Store for more than two years Apps use malicious code to steal login credentials Targeted users in certain languages – Russian, Ukrainian, Armenian, Azerbaijani, Belarusian, Romanian…. https://securelist.com/still-stealing/83343/  WhatsApp fake A fake version of WhatsApp was found to have more than a million user[…]

Continue reading …

Russian hackers exploited Kaspersky to steal data from NSA contractor

Key date: 7th October 2017 Russian hackers exploited a vulnerability in Kaspersky Lab’s software to steal sensitive cyber defense data from a United States National Security Agency contractor. Incident occurred in 2015 and involved a contractor ignoring policy and loading information onto personal laptop to take home and work on. Contractor worked in the NSA’s Tailored Access Operations unit, NSA’s own elite hacking division. At the time, the NSA’s security was “sloppy”, because when they “work within the agency, they work on our systems,” quoted a spokesman. Kaspersky Lab denied any “inappropriate” links to the Russian government. Acting DHS Secretary Elaine Duke noted Kaspersky antivirus[…]

Continue reading …

APT28 now focusing on hospitality sector

Key date: 11th August 2017 Spear phishing e-mails sent to multiple European companies in the hospitality industry. Middle Eastern hotels targeted later, in July. E-mails deliver a malware payload, designed to steal guest information. Less secure hotels targeted, especially those with a number of business or government guests. This is the first time we have seen APT28 incorporate this exploit into their intrusions,” researchers said. APT28 is widely believed to be a Russian state sponsored hacking group. Other articles https://www.fireeye.com/blog/threat-research/2017/08/apt28-targets-hospitality-sector.html  

Continue reading …