Security News > 2022 > November

Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. Researchers have identified over two dozen Python packages on the PyPI registry that imitate popular libraries but instead drop info-stealers after infecting machines.

Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p. Vodafone Italia urges the recipients of the notifications to remain vigilant against incoming communications, as the risk of being targeted by phishing actors and scammers has now increased.

TeamViewer has pulled the latest version following user reports that the remote access software was displaying "Connection not established. Authentication Cancelled Error" errors and blocking incoming connections. According to customers, these connection issues affect any device running TeamViewer 15.35.7, regardless of the software and hardware configuration.

Banks in the US paid out nearly $1.2 billion in 2021 as a result of ransomware attacks, a marked rise over the year before though it may simply be due to more financial institutions being asked to report incidents. The figures come from the most recent Financial Trend Analysis report [PDF] on ransomware from the US Treasury's Financial Crimes Enforcement Network covering Bank Secrecy Act filings for 2021.

According to a new report, almost half of Android-based mobile phones used by U.S. state and local government employees are running outdated versions of the operating system, exposing them to hundreds of vulnerabilities that can be leveraged for attacks. The report additionally warns of a rise in all threat metrics, including attempted phishing attacks against government employees, reliance on unmanaged mobile devices, and liability points in mission-critical networks.

Multiple vulnerabilities have been disclosed in Checkmk IT Infrastructure monitoring software that could be chained together by an unauthenticated, remote attacker to fully take over affected servers. "These vulnerabilities can be chained together by an unauthenticated, remote attacker to gain code execution on the server running Checkmk version 2.1.0p10 and lower," SonarSource researcher Stefan Schiller said in a technical analysis.

A one-time Apple employee working as a buyer within the iGiant's supply chain department has pleaded guilty to mail and wire fraud charges spanning multiple years, ultimately costing the company $17 million. According to the US Attorney's Office for the Northern District of California, Prasad admitted in a written statement that he began to defraud Apple as early as 2011 by "Accepting kickbacks, inflating invoices, stealing parts, and causing Apple to pay for items and services never received."

Dropbox has suffered a data breach, but users needn't worry because the attackers did not gain access to anyone's Dropbox account, password, or payment information. The compromised repositories contain "Copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team" - but not code for Dropbox core apps or infrastructure.

A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign. The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively downloaded over one million times.

In July 2022, after several months of the shutdown, a Raccoon Stealer V2 went viral. What is Raccoon infostealer V2? Raccoon Stealer is a kind of malware that steals various data from an infected computer.