Security News > 2023 > May

A Vietnamese threat actor has been attributed as behind a "Malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers such as S1deload Stealer and SYS01stealer. Malverposting refers to the use of promoted social media posts on services like Facebook and Twitter to mass propagate malicious software and other security threats.

The Computer Emergency Response Team of Ukraine has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The email messages come with the subject line "Windows Update" and purportedly contain instructions in the Ukrainian language to run a PowerShell command under the pretext of security updates.

Reporting to Thaddeus was a head of operations, who we'll Regomize as "Max". Max's younger brother was living with him at the time, which Thaddeus knew about.

Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being published to the Play Store in 2022. The company said it banned 173,000 bad accounts and fended off over $2 billion in fraudulent and abusive transactions through developer-facing features like Voided Purchases API, Obfuscated Account ID, and Play Integrity API. The addition of identity verification methods such as phone number and email address to join Google Play contributed to a reduction in accounts used to publish apps that go against its policies, Google pointed out.

Excessive privileges are a continuing headache for security professionals. Cloud environments rely on identity as the security perimeter, and identities are mushrooming and making "Identity sprawl" a serious challenge.

In this Help Net Security video interview, cybersecurity entrepreneur, founder, innovator, and investor William Lin discusses his new book - The VC Field Guide. In this book, Lin demystifies the inner workings of venture capital.

Bot attacks were previously seen as relatively inconsequential type of online fraud, and that mentality has persisted even as threat actors have gained the ability to cause significant damage to revenue and brand reputation, according to HUMAN. Bad bot traffic. Bad bot traffic overall increased even as people spent less time online.

This has driven the need for a zero trust approach and identity solutions. Over 70% of companies are still in the process of implementing a zero trust approach needed to secure an expanding security perimeter due to increased cloud utilization and remote workers.

China has 50 hackers for every one of the FBI's cyber-centric agents, the Bureau's director told a congressional committee last week. "The scale of the Chinese cyber threat is unparalleled. They've got a bigger hacking program than every other major nation combined and have stolen more of our personal and corporate data than all other nations big or small combined."

Abnormal Security expands its platform and launches new products. Abnormal Security launched three new products focused on expanding security detection for Slack, Microsoft Teams and Zoom.