Security News > 2022 > October

A new version of the Drinik Android trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. Drinik has been circulating in India since 2016, operating as an SMS stealer, but in September 2021 it added banking trojan features that target 27 financial institutions by directing victims to phishing pages.

Cloud communications company Twilio disclosed a new data breach stemming from a June 2022 security incident where the same attackers behind the August hack accessed some customers' information. The attacker used social engineering to trick an employee into handing over their credentials in a voice phishing attack.

Security training is often touted as one of the best ways to combat phishing attacks, malware and other security hazards. The type of security training offered to your employees makes a huge difference in whether your efforts prove effective.

"The New York Post has been hacked. We are currently investigating the cause," the daily newspaper tweeted shortly after removing multiple disturbing tweets published earlier on Thursday. Fast Company was forced to take down its website for approximately two weeks after the hacker pushed racist notifications to its readers' mobile devices using the Apple News platform.

A 34-year-old U.K. national has been arraigned in the U.S. for operating a dark web marketplace called The Real Deal that specialized in the sale of hacking tools and stolen login credentials. Daniel Kaye, who went by a litany of pseudonyms (Popopret, Bestbuy, UserL0ser, and Spdrman), has been charged with five counts of access device fraud and one count of money laundering conspiracy.

As many as 85 command-and-control servers supported by the ShadowPad malware have been discovered since September 2021, with infrastructure detected as recently as October 16, 2022. That's according to VMware's Threat Analysis Unit, which studied three ShadowPad variants using TCP, UDP, and HTTP(S) protocols for C2 communications.

A new version of the Fodcha DDoS botnet has emerged, featuring ransom demands injected into packets and new features to evade detection of its infrastructure. The most notable improvement in this botnet version is the delivery of ransom demands directly within DDoS packets used against victims' networks.

The cybersecurity industry is all too happy to provide services, software, and insurance to accommodate this new normal. The market is so big and juicy that no one can get in the way of "The development of the cyber insurance market."

One Identity parent company Quest Software was acquired by Clearlake Capital Group in early 2022, a move which underlines the growing importance of IAM to investors. It recently decided to consolidate its multi-headed IAM and IGA under a single platform, One Identity's One Identity Manager, giving it a single view on its expanding user population.

A now-patched security flaw in Apple's iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri. Apple said "An app may be able to record audio using a pair of connected AirPods," adding it addressed the Core Bluetooth issue in iOS 16.1 with improved entitlements.