Security News > 2022 > January

Malware resets Android devices after performing fraudulent wire transfers
2022-01-27 08:42

If your Android phone initiates a factory reset out of the blue, there's a chance it has been infected with the BRATA banking malware and you've just been ripped off. Through the years, BRATA evolved primarily into banking malware and has lately been aimed against Android users in Europe and the rest of Latin America.

Indonesia bars financial institutions from offering crypto services
2022-01-27 07:13

Another week, another big economy restricting cryptocurrency. In the tweet below, Wimboh Santoso, commissioner of Indonesia's financial services authority the Otoritas Jasa Keuangan, states that the agency has prohibited financial service institutions from using, marketing, and/or facilitating crypto asset trading.

How would zero trust prevent a Log4Shell attack?
2022-01-27 06:30

The consequence of a Log4Shell attack is that the exploited server tries to download code from an internet site owned by the attacker. Even if a Log4Shell vulnerability is exploited in the server, it cannot download and later run any malicious code, as the outgoing traffic from the DMZ to the internet would have been prohibited.

What makes achieving cyber resilience difficult?
2022-01-27 06:00

Since the pandemic started, 83 percent have experienced more attempted cyberattacks, 87 percent report an increase in phishing emails, with many leveraging COVID-19 related themes. Of these, 58 percent paid $100,000 to just under a million, 7 percent spent a million dollars or more.

Digital IDs under attack: How to tackle the threat?
2022-01-27 05:30

Digital identification is the focus of two reports by the European Union Agency for Cybersecurity: an analysis of self-sovereign identity and a study of major face presentation attacks. The technologies falling under the name of self-sovereign identity consist in giving identity holders greater control over their identity.

65% of organizations continue to rely on shared logins
2022-01-27 05:00

As organizations look to embrace modern approaches to security in 2022, a strongDM survey has revealed that access management is one of the most crucial factors to achieving this goal. The data showed that 80% of organizations are looking to address access management as a strategic initiative over the next 12 months, highlighting the need to secure and streamline infrastructure-wide access controls as a prerequisite to other initiatives, like zero trust.

Patching the CentOS 8 Encryption Bug is Urgent – What Are Your Plans?
2022-01-27 04:50

Just two weeks after reaching the official end of life, something broke spectacularly, leaving CentOS 8 users at major risk of a severe attack - and with no support from CentOS. You'd think that this issue no longer affects a significant number of organizations because by now, companies would have migrated away from CentOS 8 to an OS that is actively supported by vendors. Just the same with Red Hat, which backs CentOS. But, with CentOS 8 now no longer officially supported, a CentOS 8 patch for the LUKS flaw is not going to appear.

Chaes Banking Trojan Hijacks Chrome Browser with Malicious Extensions
2022-01-27 04:37

A financially-motivated malware campaign has compromised over 800 WordPress websites to deliver a banking trojan dubbed Chaes targeting Brazilian customers of Banco do Brasil, Loja Integrada, Mercado Bitcoin, Mercado Livre, and Mercado Pago. "Chaes is characterized by the multiple-stage delivery that utilizes scripting frameworks such as JScript, Python, and NodeJS, binaries written in Delphi, and malicious Google Chrome extensions," Avast researchers Anh Ho and Igor Morgenstern said.

Familiarity with vaccine passport tech is laying the foundations for digital IDs
2022-01-27 04:30

Vaccine passport technology has become an intrinsic part of society over the past year, as governments across the globe search for solutions that help protect citizens from the pandemic. 76% of Brits would be comfortable having some of their data incorporated into a digital ID, because they sound easy to use, all their information would be in one place, and they're more difficult to lose than physical IDs.

Fraud detection and prevention market to reach $75,139.66 million by 2028
2022-01-27 04:00

The global fraud detection and prevention market is expected to grow from $26,511. Fraud detection and prevention systems are software applications used to provide analytical solutions for fraud incidents and help identify or prevent future occurrences.