FreshRSS

🔒
△ 🔃
☐ ☆ ✇ The Hacker News

This Cloud Botnet Has Hijacked 30,000 Systems to Mine Cryptocurrencies

By Ravie Lakshmanan — July 20th 2022 at 11:44
The 8220 cryptomining group has expanded in size to encompass as many as 30,000 infected hosts, up from 2,000 hosts globally in mid-2021. "8220 Gang is one of the many low-skill crimeware gangs we continually observe infecting cloud hosts and operating a botnet and cryptocurrency miners through known vulnerabilities and remote access brute forcing infection vectors," Tom Hegel of SentinelOne 
☐ ☆ ✇ The Hacker News

Russian Hackers Using DropBox and Google Drive to Drop Malicious Payloads

By Ravie Lakshmanan — July 20th 2022 at 04:03
The Russian state-sponsored hacking collective known as APT29 has been attributed to a new phishing campaign that takes advantage of legitimate cloud services like Google Drive and Dropbox to deliver malicious payloads on compromised systems. "These campaigns are believed to have targeted several Western diplomatic missions between May and June 2022," Palo Alto Networks Unit 42 said in a Tuesday
☐ ☆ ✇ The Hacker News

Several New Play Store Apps Spotted Distributing Joker, Facestealer and Coper Malware

By Ravie Lakshmanan — July 19th 2022 at 06:38
Google has taken steps to ax dozens of fraudulent apps from the official Play Store that were spotted propagating Joker, Facestealer, and Coper malware families through the virtual marketplace. While the Android storefront is considered to be a trusted source for discovering and installing apps, bad actors have repeatedly found ways to sneak past security barriers erected by Google in hopes of
☐ ☆ ✇ The Hacker News

Google Removes "App Permissions" List from Play Store for New "Data Safety" Section

By Ravie Lakshmanan — July 16th 2022 at 06:59
Following the launch of a new "Data safety" section for the Android app on the Play Store, Google appears to be readying to remove the app permissions list from both the mobile app and the web. The change was highlighted by Esper's Mishaal Rahman earlier this week. The Data safety section, which Google began rolling out in late April 2022, is the company's answer to Apple's Privacy Nutrition
☐ ☆ ✇ The Hacker News

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

By Ravie Lakshmanan — July 16th 2022 at 06:33
VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system, downloads new payloads for execution, and schedules recurring tasks to re-infect the host system," Palo
❌