Jan 04, 2025Ravie LakshmananMalware / VPN Security Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google's Managed Defense team, shares functional overlaps with a known … [Read more...] about PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
apps
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Jan 02, 2025Ravie LakshmananVulnerability / Data Protection Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings reside in Power Platform's … [Read more...] about Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Nov 12, 2024Ravie LakshmananVirtualization / Vulnerability Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user … [Read more...] about New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Build Custom Apps to Solve Tough Security Challenges
Security teams can easily build custom applications with a unified homepage experience, intuitive visual builder and access to modern low-code and no-code tools. This builder guides them through the building blocks necessary to develop an application before it is released and installed. A new learn page allows app developers to easily access guided documentation and … [Read more...] about Build Custom Apps to Solve Tough Security Challenges
Kaspersky apps are no longer available on Google Play: what to do?
We’ve recently been informed by the Google Play store that our developer account has been terminated and all Kaspersky apps have been removed from the store. Google’s decision refers to recent U.S. government actions restricting the distribution and sales of Kaspersky products in the United States after September 29. Although these restrictions have no material legal effect … [Read more...] about Kaspersky apps are no longer available on Google Play: what to do?
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that's also widely known as pig butchering, in which prospective victims are lured into making investments in cryptocurrency or other … [Read more...] about Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
Sep 24, 2024Ravie LakshmananMobile Security / Malware Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They … [Read more...] about Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
New Mandrake Spyware Found in Google Play Store Apps After Two Years
Jul 30, 2024Ravie LakshmananMobile Security / Spyware A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. The applications attracted a total of more than 32,000 installations before being pulled from the app storefront, … [Read more...] about New Mandrake Spyware Found in Google Play Store Apps After Two Years
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered … [Read more...] about This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Jul 16, 2024NewsroomMobile Security / Online Security Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a … [Read more...] about ‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins