A newly-discovered Android malware app called FlixOnline promised users access to Netflix content from all around the world on their smartphones before exploiting access to their WhatsApp, according to Check Point Research. Troubling, the app was not solely on third-party app stores – it was, instead, found on the Google Play Store, using Netflix imagery to create an extra level of trust in potential targets. When installed and granted certain permissions, according to a summary of the research findings, “the malware is capable of automatically replying to victims’ incoming WhatsApp messages with a payload received from a command-and-control (C&C) server. This…
ISBuzz Team
A new alert has been issued by WhatsApp, warning users of a scam that makes it hard to spot a malicious message given that it appears to come from a friend in your contact list. This WhatsApp security scam works by attackers sending users a text on their smartphone, followed by a message on WhatsApp from a friend in their contact list. This friend then asks the user to share the code with them that they have received on their smartphone. Once the user shares the code with the friend, scammers can easily hack their WhatsApp, leaving them logged out…
HP urges businesses to protect the endpoint – new report highlights that the enterprise has become the most common target, as nation states take aim at organizations with high value IP, such as technology and pharmaceutical firms HP Inc. today announced the findings of a new study –Nation States, Cyberconflict and the Web of Profit – showing that nation state cyberattacks are becoming more frequent, varied and open; moving us closer to a point of ‘advanced cyberconflict’ than at any time since the inception of the internet. The research – which was conducted by Dr. Mike McGuire, Senior Lecturer in Criminology…
The latest data from the National Cyber Security Centre (NCSC) shows millions of British people using their pet’s names as passwords, along with other easily guessed answers, despite it being an easy target for hackers.
Britain is rolling out its new Online Safety bill, an update from the Online Harms White Paper released in December 2020, discouraging companies like Facebook from using end-to-end encryption. Priti Patel, UK’s Home Secretary, has been notably against end-to-end encryption for years and is planning to deliver a keynote speech at an April 19th child protection charity’s event focused on exposing the dangers of end-to-end encryption. Richard Blech of XSOC CORP offers perspective.
As reported by TechCrunch, cybercriminals have taken out a number of Facebook ads masquerading as a Clubhouse app for PC users in order to target unsuspecting victims with malware. TechCrunch was alerted Wednesday to Facebook ads tied to several Facebook pages impersonating Clubhouse, the drop-in audio chat app only available on iPhones. Clicking on the ad would open a fake Clubhouse website, including a mocked-up screenshot of what the non-existent PC app looks like, with a download link to the malicious app. When opened, the malicious app tries to communicate with a command and control server to obtain instructions on…
It has been reported that data from over 500 million LinkedIn users are being sold online to hackers, marking the second major cybersecurity incident to be revealed in the past week, following news of a similar occurrence involving Facebook. The trove of scraped LinkedIn data includes user IDs, full names, email addresses, phone numbers, professional titles, and other work-related data, according to security news and research group CyberNews. CyberNews analysts discovered the scraped data set on an online forum for hackers and were able to verify that the data was associated with LinkedIn user accounts. It’s unclear how old the…
Tuesday, April 13th is the inaugural Identity Management Day. This is an annual awareness day that aims to educate business leaders and IT decision-makers on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technology, with a special focus on the dangers of not properly securing identities and access credentials.
The Verizon 2021 Mobile Security Index finds that forty percent said that mobile devices are the company’s biggest security risk; seventy-eight percent expected home working to remain high even when COVID-19 is no longer an issue, and seventy-five percent said that their business’s reliance on cloud-based apps is growing. Cybersecurity experts offer perspectives.
With the COVID vaccine rollouts in full swing (finally!), attention is beginning to shift towards other priorities that are pressing on the new administration. By now you may be familiar with the Cybersecurity Improvement Act, which was passed bipartisan in late 2020 to help improve the state of IoT Cybersecurity in the new year. Reshifting our focus to this legislation is allowing the security industry to identify if the Act is actually effective and what its short/long term implications look like.