Google’s monthly Android updates patch numerous “get root” holes
2022-04-05 18:44

If you go off-market, things can get much more dangerous, not least because there are many unofficial Android app stores out there where pretty much anything goes, including some app repositories that deliberately pitch themselves as a handy place to get at software that Google "doesn't want you to have". As an aside, you might think that no one would deliberately seek out apps that clearly wouldn't be permitted on Google Play, or that have already been rejected by Google.

IRS warns consumers and businesses of common scams during tax season
2022-04-05 18:04

Tax season is prime time for phone scams, the IRS cautions.

Chinese hackers abuse VLC Media Player to launch malware loader
2022-04-05 17:58

Security researchers have uncovered a long-running malicious campaign from hackers associated with the Chinese government who are using VLC Media Player to launch a custom malware loader. Researchers at Symantec, a division of Broadcom, found that after gaining access to the target machine the attacker deployed a custom loader on compromised systems with the help of the popular VLC media player.

Authorities Fully Behead Hydra Dark Marketplace
2022-04-05 17:53

German authorities have taken down the Hydra marketplace - a popular destination on the Dark Web for trading in illicit goods and services, including cyberattack tools and stolen data. "The illegal marketplace was a Russian-language Darknet platform that had been accessible via the Tor network since at least 2015," according to a Tuesday statement from Frankfurt's public prosecutor and Germany's Federal Criminal Police Office.

Remote Access Trojan adds ransomware and DDoS attacks to usual bag of tricks
2022-04-05 17:51

The Remote Access Trojan, or RAT for short, is a powerful tool among cybercriminals as it allows them to fully access and control a compromised computer or device to steal data or launch additional attacks.

SpringShell attacks target about one in six vulnerable orgs
2022-04-05 17:36

According to Check Point, who compiled the report based on their telemetry data, 37,000 Spring4Shell attacks were detected over the past weekend alone. More specifically, the agency has seen evidence of attacks targeting VMware products, for which the software vendor released security updates and advisories yesterday.

Microsoft detects Spring4Shell attacks across its cloud services
2022-04-05 16:46

Microsoft said that it's currently tracking a "low volume of exploit attempts" targeting the critical Spring4Shell remote code execution vulnerability across its cloud services. The Spring4Shell vulnerability impacts the Spring Framework, described as the "most widely used lightweight open-source framework for Java."

Nearly two-thirds of ransomware victims paid ransoms last year
2022-04-05 16:19

A concerning number of ransomware victims have paid their attackers to retrieve their data or devices, according to CyberEdge Group's annual Cyberthreat Defense Report. The 2022 edition features a survey of 1,200 IT security professionals and found that a whopping 63% of those suffering from ransomware attacks last year ended up compensating the malicious parties responsible for the attacks.

How phishing attacks are exploiting Russia’s invasion of Ukraine
2022-04-05 16:09

A new round of phishing attacks analyzed by email security provider Tessian aims to steal cryptocurrency under the guise of requesting charitable donations toward the Ukrainian cause.

GitHub tackles leaks by scanning for secrets in pushed code
2022-04-05 16:00

Code shack GitHub is aiming to help users avoid inadvertent leaks of confidential objects like access tokens by scanning repository content for such secrets before a git push is executed. The secret scanning capability is already a feature of GitHub Advanced Security, which is enabled for all public repositories on GitHub.com and an option for GitHub Enterprise users.