Security News > 2023 > April

Google is enacting a new data deletion policy for Android apps that allow account creation to also offer users with a setting to delete their accounts in an attempt to provide more transparency and control over their data. "For apps that enable app account creation, developers will soon need to provide an option to initiate account and data deletion from within the app and online," Bethel Otuteye, senior director of product management for Android App Safety, said.

The impact of identity fraud varies for organizations in the financial services industry, based on whether they belong to the banking or FinTech sector, according to Regula. When asked to evaluate the cost of the identity fraud they had experienced, the banking sector was found to be the most severely impacted, with a median financial burden of over $310,000.

Despite the decline in network-detected malware in Q4 2022, endpoint ransomware spiked by 627%, while malware associated with phishing campaigns persisted as a threat, according to WatchGuard. Despite seeing an overall decline in malware, further analysis from WatchGuard Threat Lab researchers looking at Fireboxes that decrypt HTTPS traffic found a higher incidence of malware, indicating malware activity has shifted to encrypted traffic.

Working with law enforcement from 15 other nations, the US Department of Justice yesterday seized [PDF] the criminal souk's main website, domains, and servers, and "Conducted a number of law enforcement actions against hundreds of Genesis Market users worldwide" as part of a global law enforcement effort dubbed Operation Cookie Monster, according to a senior FBI official. According to court documents, in December 2020 the FBI, in conjunction with an unnamed foreign law enforcement, managed to image the Genesis backend server, and downloaded usernames, passwords, email account, search histories, purchase history and comment for 33,000 Genesis Market users and approximately 900,000 individual packages.

A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a thriving hub for buying and selling illegal services or stolen data. However analysts at threat intelligence company Resecurity noticed mentions of STYX on the dark web since early 2022, when the founders were still building the escrow module.

The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2'. They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022.

Google has announced a new Google Play Store data deletion policy that will require Android developers to provide users with an online option to delete their accounts and in-app data. According to the new policy, starting in early 2024, Google Play users will have better control over their data since every store listing will display links in the "Data deletion" area, allowing them to ask for their accounts and/or data to be deleted.

Cybersecurity researcher Sam Sabetan yesterday went public with insecurity revelations against IoT vendor Nexx, which sells a range of "Smart" devices including door openers, home alarms and remotely switchable power plugs. Sabetan deliberately didn't publish precise details of the bugs, or provide any proof-of-concept code that would allow just anyone to start hacking away on Nexx devices without already knowing what they were doing.

Microsoft announced today that the recently introduced Edge Workspaces feature, which allows users to share groups of tabs with friends and family, is now available as part of a limited public preview. First revealed in an enterprise public preview at the company's October 2022 Ignite conference for developers and IT professionals, Microsoft Edge Workspaces is designed to provide groups of people with access to the same set of tabs after signing into their Microsoft account.

Active since 2018, Genesis Market's slogan was, "Our store sells bots with logs, cookies, and their real fingerprints." Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials. Multiple domains associated with Genesis had their homepages replaced with a seizure notice from the FBI, which said the domains were seized pursuant to a warrant issued by the U.S. District Court for the Eastern District of Wisconsin.