SecurityWeek
Cerberus Banking Trojan Delivered via App Hosted on Google Play
A harmless-looking currency converter application downloaded by more than 10,000 users from Google Play was designed to deliver the Cerberus banking Trojan.
Feds Unseal 2018 Indictment Charging Kazakh Man in Hacks
Two weeks after a cyber-security firm released the identity of an alleged hacker from Kazakhstan, federal authorities in Seattle on Tuesday unsealed a 2018 indictment charging the man with an array of computer crimes.
Citrix Patches 11 Vulnerabilities in Networking Products
Citrix informed customers on Tuesday that it has patched 11 vulnerabilities in its ADC, Gateway, and SD-WAN networking products, and highlighted that the flaws are not related to CVE-2019-19781, which has been exploited in many attacks.
Microsoft Files Lawsuit to Seize Fake Domains Used in COVID-19-Themed BEC Attacks
Microsoft has filed a lawsuit in an effort to seize control of several domains used to launch COVID-19-themed cyberattacks against the company’s customers in 62 countries.
OT Networks Are Becoming Essential Components of IT Risk Management, Governance
Recent global events have convinced us that digital transformation is here to stay and, in fact, accelerating. Companies that had already begun to embrace digital transformation were able to adapt more quickly to disruption and demonstrate greater resiliency. Now that the initial rush to support a shift to a more distributed model is behind us, we have an opportunity to pause and consider what work still needs to be done to further resiliency.
EDP Renewables North America Discloses Data Breach
Renewable energy company EDP Renewables North America (EDPR NA) has started informing customers that its internal systems were breached by cybercriminals.
Purple Fox Exploit Kit Targets Vulnerabilities Linked to DarkHotel Group
The developers of the Purple Fox exploit kit (EK) have added two new exploits to their arsenal, including one for a vulnerability addressed in February this year.
Free Microsoft Service Looks at OS Memory Snapshots to Find Malware
Microsoft on Monday unveiled Project Freta, a free service that allows users to find rootkits and other sophisticated malware in operating system memory snapshots.
Britain Set to Axe Huawei 5G Involvement: Report
China's ambassador to Britain on Monday warned that London faced a risk to its international reputation if it blocked Huawei from the nation's 5G network.
Nigerian Instagram Star Extradited to U.S. Over Role in Cybercrime Schemes
A Nigerian national who has more than 2.5 million followers on Instagram, where he flaunts his lavish lifestyle, was extradited from the United Arab Emirates (UAE) and appeared in court in the United States to face cybercrime-related charges.
BIG-IP Vulnerability Exploited to Deliver DDoS Malware
Hackers continue to exploit the recently patched BIG-IP security flaw and they have plenty of potential targets as researchers have identified thousands of vulnerable systems.
China Urges 'Fair' Treatment After France Restricts Huawei
China urged France Monday to guarantee a "fair and just" environment for its companies after Paris decided to restrict licenses for telecom operators using 5G technology from Huawei.
Facebook, Others, Block Govt Requests on Hong Kong User Data
Facebook, WhatsApp and Telegram will deny law enforcement requests for user data in Hong Kong as they assess the impact of a new national security law enacted last week.
Try2Cry Ransomware Spreads via USB Drives
G Data security researchers have identified a new ransomware family that attempts to spread using infected USB drives.
Former Yahoo! Employee Avoids Jail After Hacking User Accounts
A former Yahoo! employee who admitted to hacking into the accounts of thousands of users was sentenced last week to five years of probation.
NSA Publishes Recommendations on Securing IPsec VPNs
The National Security Agency (NSA) has published a series of recommendations on how to properly configure IP Security (IPsec) Virtual Private Networks (VPNs).
Magecart Attacks on Claire's and Other U.S. Stores Linked to North Korea
Hackers linked to the North Korean government appear to be behind the Magecart attacks on fashion retailer Claire’s and other online stores, Netherlands-based e-commerce security company Sansec reported on Monday.
Nigerian Man Charged With Cyber Fraud Against US Companies
A Nigerian national appeared in federal court in Chicago Friday accused of orchestrating an international cyber fraud scheme that federal prosecutors say defrauded U.S. businesses in six states out of tens of millions of dollars.
Hackers Start Exploiting Recently Patched BIG-IP Vulnerability
Hackers have already started exploiting a recently patched vulnerability affecting F5 Networks’ BIG-IP application delivery controller (ADC).
Huawei Not Totally Banned From France, Says Watchdog: Report
China's Huawei is not totally banned from France's next-generation 5G wireless market, but French operators using them will only get limited licences, the head of the national cybersecurity agency told Les Echos newspaper Sunday.