Security News

Now patched, the exploits took advantage of bugs in Windows, Chrome, and older versions of Android though watering hole attacks, says Google. In a series of blog posts published Tuesday, Google revealed that it discovered two malicious servers set to deliver different exploit campaigns through watering hole attacks.

Google researchers have detailed a major hacking campaign that was detected in early 2020, which mounted a series of sophisticated attacks, some using zero-day flaws, against Windows and Android platforms. Working together, researchers from Google Project Zero and the Google Threat Analysis Group uncovered the attacks, which were "Performed by a highly sophisticated actor," Ryan from Project Zero wrote in the first of a six-part blog series on their research.

A recently discovered Mobile Remote Access Trojan can take control of the infected Android devices and exfiltrate a trove of user data, Check Point security researchers warn. Dubbed Rogue, the Trojan is the work of Triangulum and HeXaGoN Dev, known Android malware authors that have been selling their malicious products on underground markets for several years.

Project Zero, Google's 0day bug-hunting team, revealed a hacking campaign coordinated by "a highly sophisticated actor" and targeting Windows and Android users with zero-day and n-day exploits. The Project Zero team, in collaboration with the Google Threat Analysis Group, discovered a watering hole attack using two exploit servers in early 2020, each of them using separate exploit chains to compromise potential targets.

Cybersecurity researchers have exposed the operations of an Android malware vendor who teamed up with a second threat actor to market and sell a remote access Trojan capable of device takeover and exfiltration of photos, locations, contacts, and messages from popular apps such as Facebook, Instagram, WhatsApp, Skype, Telegram, Kik, Line, and Google Messages. The vendor, who goes by the name of "Triangulum" in a number of darknet forums, is alleged to be a 25-year-old man of Indian origin, with the individual opening up shop to sell the malware three years ago on June 10, 2017, according to an analysis published by Check Point Research today.

Cybersecurity researchers took the wraps off a new spyware operation targeting users in Pakistan that leverages trojanized versions of legitimate Android apps to carry out covert surveillance and espionage. Designed to masquerade apps such as the Pakistan Citizen Portal, a Muslim prayer-clock app called Pakistan Salat Time, Mobile Packages Pakistan, Registered SIMs Checker, and TPL Insurance, the malicious variants have been found to obfuscate their operations to stealthily download a payload in the form of an Android Dalvik executable file.

Google has fixed two critical bugs affecting its Android handsets. The more serious flaws exists in the Android System component and allow remote attackers to execute arbitrary code.

Google this week announced the January 2021 security updates for Android devices, which address 42 vulnerabilities, including four rated critical severity. Addressed as part of the 2021-01-01 security patch level and tracked as CVE-2021-0316, the most important of these flaws is a critical security bug in System that could be exploited to achieve code execution remotely.

Jack Wallen takes one more opportunity to remind Android device owners to use those phones with a great deal of caution; otherwise, they could become victims of malware. Google's Play Protect gives users a false sense of security.

The latest twist is ransomware targeting Android devices disguised as a legitimate download of the new open-world game. New Android #Ransomware disguised as #Cyberpunk2077 game.