Security News > 2021 > November

Researchers have discovered 19 mobile apps carrying rooting malware on official and third-party Android app stores, including Google Play and Samsung Galaxy Store. "By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant themselves dangerous permissions or install additional malware - steps that would normally require user interaction. Elevated privileges also give the malware access to other apps' sensitive data, something not possible under normal circumstances."

As cyber threats continue to plague enterprises and the third-party partners and suppliers they work with, organizations that have prioritized the development of a robust third-party cyber risk management program are experiencing success. That's why it's more important than ever for companies to integrate third-party cybersecurity risk management into their security strategies.

Ransomware attacks on industrial environments have increased by 500 per cent in three years, and it's unlikely the criminals responsible are going to slow down anytime soon. If cyber-attackers are smart, is it possible to beat them with something even smarter? Something like AI? And is it possible to predict what the next wave of attacks will look like and prepare now?

Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered vulnerability, the MITRE Engenuity team urges. "Using ATT&CK facilitates making descriptions of impacts and exploitation methods consistent across reports. When used in a vulnerability report, ATT&CK's tactics and techniques enable defenders to quickly understand how a vulnerability can impact them, helping defenders integrate vulnerability information into their risk models and identify appropriate compensating security controls," they say.

The BlackMatter ransomware is allegedly shutting down its operation due to pressure from the authorities and recent law enforcement operations. This post warns affiliates that the ransomware operation was shutting down in 48 hours.

The Identity Theft Resource Center (ITRC) has published a report on the impacts of identity crimes and cyberattacks on small businesses. There is little information about how small businesses are impacted by the rise in identity crimes and cyberattacks.

SonicWall recorded a 148% increase in global ransomware attacks through the third quarter of 2021. 2021 has been the most active year for ransomware on record - and is showing no sign of slowing.

Zurich North America and Advisen have released a survey of corporate risk managers and insurance buyers revealing current views about information security and cyber risk management. The survey results indicate that risk professionals are increasingly aware of their intensifying cyber risks and the need to manage them using risk mitigation and risk transfer.

API security issues: Enterpises must apply a zero trust approach. The findings revealed that only a staggering 2% of enterprise IT practitioners in these industries feel completely confident in their organization's ability to reduce API security issues such as unauthorized access, data privacy, compliance risk and security threats.

The operators behind the Mekotio banking trojan have resurfaced with a shift in its infection flow so as to stay under the radar and evade security software, while staging nearly 100 attacks over the last three months. The development comes after Spanish law enforcement agencies in July 2021 arrested 16 individuals belonging to a criminal network in connection with operating Mekotio and another banking malware called Grandoreiro as part of a social engineering campaign targeting financial institutions in Europe.