Security News > 2023 > April

Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000, depending on the type of malicious behavior cyber criminals request. The exact price for these services is negotiated on a case-by-case basis on hacker forums or Telegram channels, allowing cybercriminals to customize malicious Android apps with their own malware or functionality.

Sextortion victims are already in a vulnerable position, and shady companies are taking advantage of this vulnerability to offer "Sextortion assistance" services for huge sums - services that they may be unable to render or that won't help the victims in any way. The FBI is now warning about companies that are exploiting the vulnerability of sextortion victims by offering assistance at a high cost.

A design flaw in Microsoft Azure - that shared key authorization is enabled by default when creating storage accounts - could give attackers full access to your environment, according to Orca Security researchers. "Similar to the abuse of public AWS S3 buckets seen in recent years, attackers can also look for and utilize Azure access keys as a backdoor into an organization," Orca's Roi Nisimi said.

A "By-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally in the environment, and even execute remote code. "It is possible to abuse and leverage Microsoft Storage Accounts by manipulating Azure Functions to steal access-tokens of higher privilege identities, move laterally, potentially access critical business assets, and execute remote code," Orca said in a new report shared with The Hacker News.

"The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps," Kaspersky said in a new report based on messages posted on online forums between 2019 and 2023. Dropper apps are the primary means for threat actors looking to sneak malware via the Google Play Store.

In today's perilous cyber risk landscape, CISOs and CIOs must defend their organizations against relentless cyber threats, including ransomware, phishing, attacks on infrastructure, supply chain breaches, malicious insiders, and much more. One of the most effective ways for CISOs and CIOs to make the best use of their limited resources to protect their organizations is by conducting a cyber risk assessment.

Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby. News articles.

Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities in macOS, iOS and iPadOS. Reported by researchers Clément Lecigne of Google's Threat Analysis Group and Donncha Cearbhaill, the head of Amnesty International's Security Lab, the vulnerabilities have been exploited in tandem to achieve full device compromise - with the likely goal to install spyware on target devices. CVE-2023-28206 is an out-of-bounds write issue in IOSurfaceAccelerator that can be exploited by a malicious app to execute arbitrary code with kernel privileges.

In Brief More than 40 percent of surveyed IT security professionals say they've been told to keep network breaches under wraps despite laws and common decency requiring disclosure. To further complicate matters, 40 percent of IT infosec folk polled said they were told to not report security incidents, and that climbs to 70.7 percent in the US, far higher than any other country.

Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting. The sophisticated typosquatting campaign, which was detailed by JFrog late last month, impersonated legitimate packages to execute PowerShell code designed to retrieve a follow-on binary from a hard-coded server.